nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

back to article
Banking trojan-slingers slip past Google Play's malware defences

Silver badge

El Reg asked Google to comment on the incident, in particular the suggestion that crooks had figured out a way to smuggle malicious code past its security controls, but have not yet received a response.

The play store has security controls beyond "remove it if someone says it's infected"?

9
2
Silver badge
Facepalm

Why ?

Would ANYONE be stupid enough to do online-banking on a portable unsecured device with an unpatched OS without a virus-scanner or firewall ?

Most people are happy to login to their banking-website from their mobile phone while using an ancient version of Android or IOS and most banks don't seem to give a f*ck !

And when people actually DO lose money the banks are more than happy to point this out so they don't have to refund the money...

8
2
Anonymous Coward

Re: Why ?

As supposed to the app? Yes that sounds a bad idea. But the apps generally should work ok.

2
3
Silver badge

Re: Why ?

Well, for one thing, mobile deposits. It's nice to be able to deposit a check without physically going to the bank, and there's no way for me to do that on a PC with my bank - only the mobile app does that.

That's about all I ever do with it, but it also can show me my balance or help me find a nearby branch, etc. when I'm not home. I do all my bill paying on my (Linux) PC, but mobile is sometimes an advantage.

As for unpatched OS, whose fault is that? It's all about planned obsolescence, and most manufacturers (I'm looking at YOU, HTC) don't patch anything past 1 year. Google surprised me by supporting their hardware for a whole 2 years. Never happen, but there should be a law that they have to issue patches for everything for at least 10 years, IMHO.

4
0
Anonymous Coward

Re: Why ?

Mobile check deposits sound like the most security risky method of using such an app.

0
0
Bronze badge

Re: Why ?

Are you new to information security or do you just like to judge people?

No matter how much you build something and make it idiot proof; someone finds a way to build a stronger idiot. Welcome to InfoSec.

0
1
Anonymous Coward

App runs fine

If you deny the permissions, so there is your answer just deny the runtime permissions if you want play bust a move

I'm pretty tired of the android malware clickbait hidden agenda, it's rather tiresome. With over 2 billion active android devices, more than Windows PCs, real world infections are pretty much unheard of, yet the noise from security "experts" is totally disproportionate.

@malle-herbert. I would just an android device far more than I would trust a PC or MAC... By comparison they are both malware magnets

1
7

The Noise from Security Experts, Helps get Things Patched!

Anyone who thinks they are safe because the security community is making too much about vulnerabilities, is just plain foolish. Anyone who wants to harden their device, or software like browsers, is a practical person. They appreciate the hard work of infosec researchers. So, even if a device is a bit older, they can be proactive about securing those devices. It's not all doom, but many articles on how to stay safer too. Noise? I think NOT !

2
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

The Register - Independent news and views for the tech community. Part of Situation Publishing