1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

News Banking trojan hits Android

Discussion in 'Article Discussion' started by CardJoe, 11 Jan 2010.

  1. CardJoe

    CardJoe Freelance Journalist

    Joined:
    3 Apr 2007
    Posts:
    11,343
    Likes Received:
    292
  2. eddtox

    eddtox Homo Interneticus

    Joined:
    7 Jan 2006
    Posts:
    1,296
    Likes Received:
    15
    It was only a matter of time before it happened. It's worrying that the delivery vector was the Android Market, but not surprising. People assumed they were safe, now they know they are not and hopefully will be more careful about what apps they download.
     
  3. wiak

    wiak New Member

    Joined:
    9 Apr 2006
    Posts:
    105
    Likes Received:
    0
    lol nothing new here, move over (hint: windows and the interwebs)
     
  4. bladerunner168

    bladerunner168 New Member

    Joined:
    11 Jan 2010
    Posts:
    11
    Likes Received:
    0
    Old school!

    I know, I'm old school. I like to play Borat quotes loud on my HTC Hero, I also like to play Mr T quotes. I also like the barcode scanner app which then checks prices on froogle. But there is NO WAY I would do my banking on mobiles, NO WAY, NO WAY :waah:

    I still do my banking at the branch :jawdrop:
     
  5. leveller

    leveller Yeti Sports 2 - 2011 Champion!

    Joined:
    1 Dec 2009
    Posts:
    1,107
    Likes Received:
    24
    1) I think it is pretty cool you managed to slip the words "delivery vector" into your post. Gave me an instant feeling of reading a sci-fi novel.

    2) Is it really possible for people to be careful? I seriously have no interest nor knowledge of the Android stuff but if the freedom to create and submit anything exists ... I can imagine what sort of coders will be attracted to the phone.
     
  6. StephenK

    StephenK Sneak 'em Upper

    Joined:
    21 Dec 2006
    Posts:
    291
    Likes Received:
    2
    Guess it was bound to happen sooner or later. Maybe we'll see some sort of vetting system in future to try and cut down on this sort of thing.


    (Off Topic: What is with henrinaiara's posts? Do we have a bot in our midst? )
     
  7. smoothie

    smoothie Member

    Joined:
    28 Jul 2007
    Posts:
    94
    Likes Received:
    3
    In the Android Market, the only way you can really be careful about which apps you download is to first read the reviews of the apps that exist on their description pages. People who comment on apps usually post any problems with the app, and suggestions on how to make it better, or if there's a better app on the market. For decent apps, the devs will also post comments to let users who check for updates know which problems they're working on. However, if an app appears to be working correctly, and then suddenly turns malicious, you'll have little warning.

    Kind of reminds me of this story (last page of article is most relevant, but the article isn't too long): http://http://www.cosmosmagazine.com/fiction/print/41/the-many-body-problem?page=0%2C0
     
  8. Nexxo

    Nexxo Queue Jumper

    Joined:
    23 Oct 2001
    Posts:
    33,684
    Likes Received:
    1,290
    +1. Added it as a tag. :D
     
  9. eddtox

    eddtox Homo Interneticus

    Joined:
    7 Jan 2006
    Posts:
    1,296
    Likes Received:
    15
    Hehe glad I could help :thumb:

    Like you, I have no interest in the android platform, but I think it's time people began to treat mobile apps with the same care/suspicion they treat pc apps. As more information passes through/ is stored on mobile phones, more and more malware will target them. Especially where there are a huge number of people on the same platform Ie Android, iphone

    @smoothie: awesome-scary
     
    Last edited: 11 Jan 2010
  10. shanky887614

    shanky887614 New Member

    Joined:
    13 May 2009
    Posts:
    203
    Likes Received:
    0
    isnt online banking for thick people?

    do you guys hinestly know how weak wifi encryption is it takes 5mins to crack wep and under an hour to crack wpa so its no suprize and its a gadget you are still suposed to use your brain
    its like a satnav you have to be pretty thick to drive into the channel when you select lodon to pariss on your satnav
     
  11. ch424

    ch424 Design Warrior

    Joined:
    26 May 2004
    Posts:
    3,112
    Likes Received:
    41
    No. I'd much rather have the freedom to let people write trojans if they want. Android already gives the user a list of what an app is allowed to do when they install it. I'd never trust an app that says "let me remember your passwords for you!! :) :)"

    Ummm...? You know that when you connect to a bank website it goes over https/SSL, right? It doesn't matter if you connect over unencrypted wifi, nobody is going to steal your details anyway. When you use an ATM, or use your card in a shop, your details are sent over the internet using the same encryption system. If someone had the resources to crack SSL, they'd do something more than steal $200 from your bank account.
     
  12. Torwald

    Torwald New Member

    Joined:
    3 Sep 2003
    Posts:
    21
    Likes Received:
    0
    Hmm... Such attempts of stealing bank details could only affect bank accounts where only id/pass is required to send money.
    In my country, when you want to make a wire transfer, you have to give some letters from secret password, next password which is sent via SMS and sign all this with your encrypted key (in file @ computer).
    Now tell me, what use of my 'details' would such a 'cracker/phisher' have ? He wouldn't even log in to my account...
     
  13. shanky887614

    shanky887614 New Member

    Joined:
    13 May 2009
    Posts:
    203
    Likes Received:
    0
    yes but what i mean is if they can get on your server/internet they can leave a trojan there to get your details and you guys would be suprised at how easy it is to mask a trojan/virus as a harmless plugin or something else
     
  14. ZERO <ibis>

    ZERO <ibis> Member

    Joined:
    22 Feb 2005
    Posts:
    454
    Likes Received:
    8
    The important thing to take away from this is that it worked only if a user entered sensitive data into the application. It is the consumers responsibility to ensure that the places they enter sensitive data into are secure. Worst case Google adds a warning reminding users to preform their own independent check on an application to ensure that the information they use on that app is secure.
     
  15. leveller

    leveller Yeti Sports 2 - 2011 Champion!

    Joined:
    1 Dec 2009
    Posts:
    1,107
    Likes Received:
    24
    This wasn't the only bad app, Google are having to step in to clear up the Android store.
     
  16. eddtox

    eddtox Homo Interneticus

    Joined:
    7 Jan 2006
    Posts:
    1,296
    Likes Received:
    15
    Google can't be expected to ensure that other developers' applications are safe, just like Ms can't be held accountable for Windows malware. History shows us that lowering the barrier to entry for developers helps make platforms more successful. History also shows us that the more successful a platform is, the more likely it is that it will be attacked. The alternative is going the apple route and filtering every single app, but in the long run that doesn't seem to work as well because it becomes more difficult/risky for developers to take up the platform. In the words of a (in)famous CEO , "Developers developers developers" etc.
     

Share This Page