Friday, March 8, 2013

Android App Licenses make their way to Malware Black Market

Business is business, no matter form it takes. Now it is time for app licenses to be sold in malware black market.

Reportedly, verified Android developers licenses are being sold in an Internet black market for $100 each, giving buyers unfettered access to the official Google Play app store.

Although, it is only the beginning with just reported buyer, but the buyer is a maker of mobile banking Trojans, security blogger Brian Krebs revealed this week. It's may just be a matter of time before the buyer uses the verified licenses to sneak corrupted apps into the Google Play store.

And if this turns out to be true, then legitimate and malicious apps could appear in Google Play under the same publisher's name, fooling app buyers into downloading or purchasing malware.

Krebs said the $100-per-secondhand-license buyer has already made a fairly simple Android mobile banking Trojan called "Perkele," or "devil" in Finnish. Perkele is programmed to intercept two-step-authentication text codes texted to the victim's smartphone from his bank.

Perkele works with existing PC banking Trojans that modify banking websites as the victim attempts to access his online bank account. The altered site prompts users to install a "security certificate" on their smartphones, which is actually Perkele.

Once installed, Perkele secretly waits for the user to log into his online bank account, then copies the two-step authentication code and sends it to the controller of the PC banking Trojan, who uses it to log into the victim's account.

According to Krebs, Perkele targets Citibank, HSBC, ING, Barclays and other financial institutions in 10 countries.

Read more about it at:Tech News


Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More