The controversial film 'The Interview' has caused quite a wave, especially online. The growing hype around the film appears to have drawn the attention of malware-slingers, who have put together a fake Android app. Security experts have identified this application as malware designed to steal online banking details.
Sony Pictures, the Hollywood heavyweight production company, bowed to criticism that it had given in to threats in the wake of the recent massive hacking attack. The company reversed its decision not to air The Interview and released the Seth Rogen comedy on Christmas Day, in line with its initial plans. The company had faced one of the most sophisticated hacking attacks ever witnessed, an attack that has been blamed on the North Korean government.
One of the illegal torrents doing the rounds in South Korea pretends to be an Android application that helps users download the movie. In reality, this Android app works to harvest users' online banking credentials and send them to attackers. The publishers of the app seem to be taking advantage of the media frenzy around 'The Interview'. The first antivirus detection was by McAfee, as Android/Badaccents.
The banking Trojan is narrowly focused: it appears to have been designed to target customers of a number of South Korean financial institutions, as well as Citibank.
So far, more than 20,000 Android devices appear to have been infected. This is according to data, relayed back to a Chinese mail server, that Android security researchers intercepted. The malware has been engineered to check the device manufacturer and to skip infection on Android devices from Arirang and Samjiyon, both of which sell Android smartphones in North Korea.
But McAfee security analysts appear to have a different take on this. A senior McAfee security researcher, Irfan Asrar, opines that the malware was designed by cybercriminals to ignore North Korean targets, since users from that side of the world are unlikely to have online banking accounts.
Graham Cluley has compiled a write-up of this latest threat.