SpyEye Hacking Kit Adds Android Infection to Bag of Tricks

The SpyEye hacking toolkit has added an Android component that collects the text messages some banks use as an extra security precaution, a researcher said today.

“The standard SpyEye now also entices a user to download an Android app, which is actually a component that’s Android-specific malware,” said Amit Klein, the chief technology officer of Boston-based Trusteer, a security firm that specializes in online anti-cybercrime defenses.

The Android app poses as a security program — ironically, one that’s supposed to protect a user’s text messages from being intercepted — required to use a bank’s online services from a mobile device.

Many banks now send customers a one-time code, usually a series of numbers, to their mobile phone. To access the account, a user must enter not only the traditional username and password, but also the just-received passcode.  It’s that passcode that the bogus Android app intercepts and then re-transmits to a hacker-managed command-and-control (C&C) server, said Klein.

Read Full Story Here: http://www.computerworld.com/s/article/9219963/SpyEye_hacking_kit_adds_Android_infection_to_bag_of_tricks?taxonomyId=17

Advertisements

About John Bertoli

I enjoy to read and write. I am an aspiring author and am interested in marketing, SEO strategies, finance, trading, and entrepreneurship. I started working at Bat Blue Corporation part-time during my senior year at Stevens Institute of Technology and continued after graduation, realizing how experienced and dedicated the Bat Blue technologists were. I serve as the Marketing Associate, in charge of writing press releases and case studies, as well as developing content for our website http://www.batblue.com. I organize exhibition events throughout the year, providing market exposure for the company and produce a daily network security newsletter sent to over 5,000 subscribers, known as The Daily Security Briefing. By utilizing Bat Blue's past achievements and current accomplishments, I strive to leverage these successes to create brand recognition and develop future opportunities for the company.
This entry was posted in Security Stories and tagged , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s