Android 'spoofing' bug helps target bank accounts

BBC Technology 02 Dec 2019 10:45
By Mark Ward Technology correspondent, BBC News

A "major" security weakness in Google's Android software has let cyber-thieves craft apps that can steal banking logins, a security firm has found.

The bug lets attackers create fake login screens that can be inserted into legitimate apps to harvest data.

More than 60 financial institutions have been targeted by the technique, a survey of the Play store indicated.

Google said it had taken action to close the loophole and was keen to find out more about its origins.

"It targeted several banks in several countries and the malware successfully exploited end users to steal money," said Tom Hansen, chief technology officer of Norwegian mobile security firm Promon, which found the bug.

Lurking threat

The problem emerged after Promon analysed malicious apps that had been spotted draining bank accounts.

"We'd never seen this behaviour before," said Mr Hansen.

Promon worked with US security firm Lookout to scan apps in Android's Play store to see if any were being abused via the Strandhogg bug.

In a statement, Google said: "We appreciate the researchers' work, and have suspended the potentially harmful apps they identified."

Promon's chief technology officer welcomed Google's response, as he said many other apps were potentially exploitable via the spoofing bug. But he noted that it still remained possible to create fake overlay screens in Android 10 and earlier versions of the operating system.
