NEWS FROM THE LAB - Monday, January 11, 2010

Warning On Possible Android Mobile Trojans Posted by Mikko @ 13:49 GMT

Google's Android mobile operating system has been out for a while and is generating more and more interest.

Now there has been some buzz about fraudulent applications being posted on the Android Market. See these postings:



Both of these apps were written by an anonymous developer known as 09Droid.

In fact, he had a whole collection of online banking applications for sale on the Market:

image courtesy of Brandon McGee
(image courtesy of Brandon McGee)

These applications were being sold, but it's still unclear what exactly they did. We haven't been able to secure a copy for ourselves yet, so we don't know either.

Since the applications were not developed or authorized by the banks themselves, they could not do real online banking from the Android device. Apparently they only opened the web interface of the online bank for the user. On the other hand, they could have stolen user credentials.

We can't ask these questions from Mr. 09Droid himself either, as he is nowhere to be found. His applications have been removed from the market, and his contact information points to an empty Blogspot page.


In the meanwhile, many of the affected banks have been assuming the worst and have issued public warnings to their customers. Here's an example warning from Bayport Credit Union:


In any case, we recommend users to remove applications from 09Droid from their Android devices.

Updated to add: Developer 09Droid had at least the following applications for sale in Android Marketplace. They have all been removed.

Abbey Bank
Alaska USA FCU
Alliance & Leicester (v. 1.1)
Bank Atlantic
Bank of America
Bank of Queensland
Barclaycard (v. 1.1)
Barclays Bank (v. 1.2)
City Bank Texas
Commerce Bank
Compass Bank
Deutsche Bank
Fifty Third Bank v.1.1
First Republic Bank v.1.1
Great Florida Bank
Grupo Banco Popular
HSBC US (v. 1.2)
ING DiBa v.1.1
Key Bank
Mechanics Bank v.1.1
MFFCU v.1.1
Nationwide (v. 1.1)
NatWest (v. 1.1)
Navy Federal Credit Union (v. 1.1)
Royal Bank of Canada
RBS v.1.1
TD Bank v.1.1
US Bank v.1.2
USAA v.1.1
Valley Credit Union
Wachovia Corp (v. 1.2)
Wells Fargo (v. 1.1)