In association with heise online

11 January 2010, 16:57

Android app steals bank login details

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

First Tech Credit Union Logo An application available via Google's Android Market was infected with a trojan designed to steal users' bank login details. The application reportedly pretended to simplify the customer's mobile access to accounts at various different banks. The incident is only being publicised now following a warning issued by US credit union First Tech from the 22nd of December, 2009. According to First Tech's advisory, the application originated from Android Market, where it had been uploaded by a user called Droid09. However, the program did not specifically target First Tech customers, said the bank, and added that no First Tech customer suffered any financial damage.

The program uploaded by Droid09 has already been removed from the Android Market. Users are advised to check whether they have software by Droid09 installed on their devices. The incident gives rise to the question whether Google should check the applications offered for the open Android operating system before making them available to download. Once Android phones become more popular, for instance due to the launch of the Nexus One, the number of visitors to the Android Market is bound to rise and software checks may become necessary to maintain the platform's trustworthiness. In the Android Market, developers can either sell their software or offer it free of charge.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit