The BankBot trojan is targeting hundreds of apps on Google Play as part of a plot to steal Android users’ banking credentials and payment card details. Security information security consultant Niels Croese first came across the malware, whose source code went online earlier this year, in an app called Funny Videos 2017. The app appeared legitimate other than the fact that someone had infected it with the trojan probably around 8 April 2017, which was the last time it had received an update. A closer look revealed that as many as 5,000 users had installed the compromised app onto their devices.
View full story
ORIGINAL SOURCE: Graham Cluley