iTnews
  • Home
  • News
  • Technology
  • Security

Devil targets banks in Google Play store

By Darren Pauli on Mar 7, 2013 12:48PM
Devil targets banks in Google Play store

Legit developer accounts sold to malware writer.

Malware tailored to steal SMS verification tokens from major Australian and kiwi banks is circulating on Google's App store from fraudulent developer accounts.

The bot could be purchased from underground websites and used to target the likes of the Commonwealth Bank, Westpac and NAB along with New Zealand organisations HSBC, Kiwibank and ANZ.

Perkele, meaning devil in Finnish, was used in tandem with PC web application malware, Krebsonsecurrity reported.

Attackers would serve victims a phishing site targeting a nominated bank which would direct them to download the booby-trapped mobile application masquerading as a security verification service.

The app would intercept SMS messages sent by banks to customers to confirm transactions, allowing the fraudsters to empty accounts.

To get the malicious apps on the Google Play store, Perkele's developer was offering to snap up verified accounts for $100 a pop, four times the retail cost.

Those accounts were previously verified by Google to be linked to legitimate applications and domains, allowing the attackers to post their wares to the store.

Attackers could spend $1000 to target a single bank and up to $15,000 to attack any of those supported.

Perkele was not as sophisticated as other bank-targeting malware, but illustrates the types of attacks banks face as more users transact using smartphones.

NAB's head of major crime incident resolution services Grant Baxter said it processes half a million account logins from mobile devices and serves some 10 million transactions each day.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
androidappsbanksgooglegoogle playmobilessecurity

Partner Content

Avoiding CAPEX by making on-premise IT more cloud-like
Promoted Content Avoiding CAPEX by making on-premise IT more cloud-like
Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Promoted Content Accenture and Google Cloud team up to create a loveable, Australian-first, renewable energy product
Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
The Great Resignation has intensified insider security threats
Promoted Content The Great Resignation has intensified insider security threats

Sponsored Whitepapers

Extracting the value of data using Unified Observability
Extracting the value of data using Unified Observability
Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership

Events

  • Micro Focus Information Management & Governance (IM&G) Forum 2022
  • CRN Channel Meets: CyberSecurity Live Event
  • IoT Insights: Secure By Design for manufacturing
  • Cyber Security for Government Summit
By Darren Pauli
Mar 7 2013
12:48PM
0 Comments

Related Articles

  • Serious privacy problems found in most health apps
  • Google rolling out age verification on YouTube, Play Store in Australia
  • Any Android security app is better than Google Play Protect
  • Threat actors worked with ISPs to plant malware from Italian spyware vendor
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Qantas calls time on IBM, Fujitsu in tech modernisation

Qantas calls time on IBM, Fujitsu in tech modernisation

Service NSW hits digital services goal two years early

Service NSW hits digital services goal two years early

NBN Co taking orders for 'non-premises' connections

NBN Co taking orders for 'non-premises' connections

NSW Police scores $100m to connect body-cams to firearms, tasers

NSW Police scores $100m to connect body-cams to firearms, tasers

Digital Nation

Crypto experts optimistic about future of Bitcoin: Block
Crypto experts optimistic about future of Bitcoin: Block
IBM global chief data officer on the rise of the number crunchers
IBM global chief data officer on the rise of the number crunchers
COVER STORY: Operationalising net zero through the power of IoT
COVER STORY: Operationalising net zero through the power of IoT
Integrity, ethics and board decisions in the digital age
Integrity, ethics and board decisions in the digital age
The security threat of quantum computing
The security threat of quantum computing
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.