Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Fake Android Application SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Fake Android Application

Somehow I missed that "First Tech Credit Union" warned its users late in December about a fake Android application which pilfers user's passwords [1].

This is a somewhat expected event. Malware is frequently willingly installed by users. As users move to new platform like mobile devices, malware is going to follow them. This particular application, "Droid09" has since been removed from the Android Market Place. But it is probably just a matter of time for the next application to show up. It is probably possible for a similar application to sneak past the iTunes store approval process as well. In each case, the more managed software delivery environment limits the expose time but doesn't eliminate it.

[1] http://www.firsttechcu.com/home/security/fraud/security_fraud.html

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Defending Web Applications Security Essentials - SANS Cloud Security Europe 2020

Johannes

3881 Posts
ISC Handler
Jan 11th 2010
After further investigation by other sources it was determined that this was not a Phishing Campaign. It was a poorly written app that was essentially using the built in browser. It would not surprise me if down the line someone truly wrote a malicious app.
Anonymous

Sign Up for Free or Log In to start participating in the conversation!