An Android Chrome bug that’s already under attack – with criminals pushing banking trojans to more than 300,000 devices – won’t get patched until the next release of the mobile browser. The flaw allows malware writers to quietly download Android app installation (.apk) files to devices without requiring approval. Users need to install the banking trojan apps and tweak settings to allow installation of apps from stores other than Google Playto be infected; however, attackers increased the likelihood of compromise by using the titles of popular Android apps such as Skype, MinecraftPE, and WhatsApp.
View full story
ORIGINAL SOURCE: The Register