Android bug helps target bank accounts

The Pak Banker - FRONT PAGE

A "major" security weakness in Google's Android software has let cyber-thieves craft apps that can steal banking logins, a security firm has found. The bug lets attackers create fake login screens that can be inserted into legitimate apps to harvest data.

More than 60 financial institutions have been targeted by the technique, a survey of the Play store indicated.

Google said it had taken action to close the loophole and was keen to find out more about its origins. "It targeted several banks in several countries and the malware successfully exploited end users to steal money," said Tom Hansen, chief technology officer of Norwegian mobile security firm Promon, which found the bug.

The problem emerged after Promon analysed malicious apps that had been spotted draining bank accounts.

Called Strandhogg, the vulnerability can be used to trick users into thinking they are using a legitimate app when they are actually clicking on an overlay created by the attackers.

"We'd never seen this behaviour before," said Mr Hansen. "As the operating system gets more complex it's hard to keep track of all its interactions," he said. "This looks like the kind of thing that gets lost in that complexity."

Promon worked with US security firm Lookout to scan apps in Android's Play store to see if any were being abused via the Strandhogg bug. They found that 60 separate financial institutions were being targeted via apps that sought to exploit the loophole. Lookout said it found criminals used variants of a well-known malicious money-stealing app known as bankbot.

In a statement, Google said: "We appreciate the researchers' work, and have suspended the potentially harmful apps they identified."

It added: "Additionally, we're continuing to investigate in order to improve Google Play Protect's ability to protect users against similar issues."
