{"id":645560,"date":"2013-03-06T20:20:21","date_gmt":"2013-03-07T01:20:21","guid":{"rendered":"http:\/\/betanews.com\/?p=134724"},"modified":"2013-03-06T20:20:21","modified_gmt":"2013-03-07T01:20:21","slug":"happy-anniversary-banking-malware-targets-google-play","status":"publish","type":"post","link":"https:\/\/mereja.media\/index\/645560","title":{"rendered":"Happy anniversary! Banking malware targets Google Play"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/betanews.com\/wp-content\/uploads\/2013\/03\/smartphone-cash-money-370x600.jpg\" alt=\"\" title=\"smartphone cash money\" width=\"300\" height=\"486\" class=\"alignright size-large wp-image-134758\" \/>Today is the one-year anniversary of the Google Play store and the company <a title=\"Google celebrates Play store anniversary with special deals\" href=\"http:\/\/betanews.com\/2013\/03\/06\/google-celebrates-play-store-anniversary-with-special-deals\/\">celebrates with a big sale<\/a>. However, things may not all be balloons and ribbons in Android land. Something darker lurks just beneath the surface of Google&#8217;s Android marketplace.<\/p>\n<p>Brian Krebs, a former Washington Post reporter who now <a href=\"http:\/\/krebsonsecurity.com\/\" >writes a security blog<\/a>, found a bit of information that could make your hair curl. Krebs makes a habit of hanging out on the seedy side of the web and he recently hit potential paydirt, encountering\u00a0a new botkit that is making the rounds and leverages actual verified accounts from the marketplace to trick users into downloading phony banking applications. Krebs spotted\u00a0a developer purchasing verified Google Play accounts for $100 each on an underground forum.<\/p>\n<p>According to Krebs, &#8220;Google charges just $25 for Android developers who wish to sell their applications through the Google Play marketplace, but it also requires the accounts to be approved and tied to a specific domain. The buyer in this case is offering $100 for sellers willing to part with an active, verified Play account that is tied to a dedicated server&#8221;.<\/p>\n<p>The malware, which goes by the name &#8216;Perkele&#8217;\u00a0does not appear to be overly sophisticated as far as a modern mobile malware app goes, but it is still being endorsed by buyers.<\/p>\n<p>Krebs explains how the new malware works: &#8220;When the victim goes to log in to their bank account at their PC, the malware Web inject informs the victim that in order to complete the second, mobile authentication portion of the login process, the user will need to install a special security certificate on their phone. The victim is then prompted to enter their mobile number, and is sent an SMS or HTTP link to download the mobile malware&#8221;.<\/p>\n<p>While many of us may pause at such a prompt, average users likely would not. Especially given today&#8217;s two-factor authentication that a growing number of sites require &#8212; for some reason Google just prompted me to enter a code texted to my phone this morning when I first logged into my account.<\/p>\n<p>Is there something to worry about? Likely not, but it is reason to be cautious, but then again there is <em>always<\/em> reason for that. If an app prompts you to do something out of the ordinary then go directly to the website &#8212; type the URL into your\u00a0browser\u00a0&#8212; do<em> not<\/em> click a link. Check it out before you go any further. I know it sounds paranoid but, as the old saying goes, better safe than sorry.<\/p>\n<p><strong>Photo Credit:<\/strong>\u00a0<a id=\"portfolio_link\" href=\"http:\/\/www.shutterstock.com\/gallery-587245p1.html\" >koya979<\/a>\/<a href=\"http:\/\/www.shutterstock.com\/\" >Shutterstock<\/a><\/p>\n<div class=\"feedflare\">\n<a href=\"http:\/\/feeds.betanews.com\/~ff\/bn?a=hAgJAhxsZxo:Zy1MWxy6Z9M:qj6IDK7rITs\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/bn?d=qj6IDK7rITs\" border=\"0\"><\/img><\/a> <a href=\"http:\/\/feeds.betanews.com\/~ff\/bn?a=hAgJAhxsZxo:Zy1MWxy6Z9M:yIl2AUoC8zA\"><img decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~ff\/bn?d=yIl2AUoC8zA\" border=\"0\"><\/img><\/a>\n<\/div>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~r\/bn\/~4\/hAgJAhxsZxo\" height=\"1\" width=\"1\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today is the one-year anniversary of the Google Play store and the company celebrates with a big sale. However, things may not all be balloons and ribbons in Android land. Something darker lurks just beneath the surface of Google&#8217;s Android marketplace. Brian Krebs, a former Washington Post reporter who now writes a security blog, found [&hellip;]<\/p>\n","protected":false},"author":7430,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-645560","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/645560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/users\/7430"}],"replies":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/comments?post=645560"}],"version-history":[{"count":0,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/645560\/revisions"}],"wp:attachment":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/media?parent=645560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/categories?post=645560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/tags?post=645560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}