Android Trojan Banking App Targets Master Key Vulnerability

  /     /     /  
Publicated : 22/11/2024   Category : security


Android Trojan Banking App Targets Master Key Vulnerability


Sluggish Android updates put users at risk. Could rising public awareness of the flaw lead carriers and device makers to patch more quickly?



Security researchers have spotted a legitimate banking app for Android smartphones and tablets that has been trojanized using the so-called master key vulnerability. That flaw, which affects all versions of Android prior to version 4.2.2, can be used by attackers to inject malicious code into a digitally signed, legitimate Android app.
In this case, attackers have been offering a trojanized update for a legitimate online banking app distributed by South Koreas NH Nonghyup Bank. The Android app is used by up to 10 million people.
Running the malicious app triggers a screen asking users to enter their account details. Should the user comply, their information would be sent to a remote malicious server controlled by the cybercriminal, said Peter Yan, a Trend Micro mobile security engineer,
in a blog post
. In other words, people who fall for the attack would be likely targets for cybercriminals trying to drain their bank accounts
...
Read full story on InformationWeek

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Android Trojan Banking App Targets Master Key Vulnerability