Android malware hits Aussie bank customers, iOS users unaffected

“New malware that targets mobile banking apps of Australia’s big banks has been detected,” Nick Whigham reports for The Courier Mail. “The sophisticated virus infects Android users and can steal password details and even thwart two-factor authentication.”

“Customers of Commonwealth Bank, Westpac, ANZ and the National Australia Bank are all vulnerable to the malware which can hide on a person’s device until they use the banking app,” Whigham reports. “In addition to stealing the login details of customers, thieves can also intercept verification text messages sent to the device, allowing them to thwart extra security measures put in place by the banks.”

“BankWest, Bendigo Bank, St George Bank, Bank of New Zealand, Wells Fargo and Kiwibank are also among the list of vulnerable banks,” Whigham reports. “Cyber security expert Matthew Warren said the malware comes as no surprise. ‘It’s an ongoing problem with android devices, because of the open source nature of the platform… There’s been a number of malware aimed at banking apps,’ he told Unlike Apple, for instance, which only allows users to download apps from its controlled App Store, Android users can download apps from anywhere.”

Read more in the full article here.

MacDailyNews Take: “Open” in all the wrong ways. Don’t settle for insecure, derivative crap.

If it’s not an iPhone, it’s not an iPhone.

Android malware steals one-time passcodes, a crucial defense for online banking – January 14, 2016
New Android malware is so bad, you’d better off buying a new phone – November 6, 2015
Apple issues iPhone manifesto; blasts Android’s lack of updates, lack of privacy, rampant malware – August 10, 2015
New Android malware strains to top 2 million by end of 2015 – July 1, 2015
Symantec: 1 in 5 Android apps is malware – April 25, 2015
Kaspersky Lab Director: Over 98% of mobile malware targets Android because it’s much, much easier to exploit than iOS – January 15, 2015
Security experts: Malware spreading to millions on Android phones – November 21, 2014
There’s practically no iOS malware, thanks to Apple’s smart control over app distribution – June 13, 2014
F-Secure: Android accounted for 99% of new mobile malware in Q1 2014 – April 30, 2014
Google’s Sundar Pichai: Android not designed to be safe; if I wrote malware, I’d target Android, too – February 27, 2014
Cisco: Android the target of 99 percent of world’s mobile malware – January 17, 2014
U.S. DHS, FBI warn of malware threats to Android mobile devices – August 27, 2013
Android app malware rates skyrocket 40 percent in last quarter – August 7, 2013
First malware found in wild that exploits Android app signing flaw – July 25, 2013
Mobile Threats Report: Android accounts for 92% of all mobile malware – June 26, 2013
Latest self-replicating Android Trojan looks and acts just like Windows malware – June 7, 2013
99.9% of new mobile malware targets Android phones – May 30, 2013
Mobile malware exploding, but only for Android – May 14, 2013
Mobile malware: Android is a bad apple – April 15, 2013
F-Secure: Android accounted for 96% of all mobile malware in Q4 2012 – March 7, 2013
New malware attacks Android phones, Windows PCs to eavesdrop, steal data; iPhone, Mac users unaffected – February 4, 2013

[Thanks to MacDailyNews Reader “Johnny Appleseed” for the heads up.]


  1. People shouldn’t bank, trade stocks, purchase products, give credit card details over the phone, enter passwords, text friends, email family, save pictures, and leave the cameras and microphones uncovered on Android devices. Android devices are so unsecure that even their executive chairman, Eric Schmidt, doesn’t use them. He uses an iPhone.

  2. Chrome browser was all about sandboxing tabs etc.
    So it would seem Android doesn’t follow this practice?

    I know some don’t like the extra layer of isolation between apps, but that should have prevented exploits like watching for banking passwords and 2nd factor authentication.

  3. Android security? What’s that?

    From March 3rd:

    Devastating Vulnerability Affects 66 Percent of Android Phones
    Researchers show off a new attack that can seize control of most Android phones.

    The attack uses the Android accessibility framework, which is designed to help users get the most out of their phones, even if they are visually impaired or have difficulty typing, for example. But under malicious control, Amit explained, the accessibility framework can be used to monitor user activity and take actions without users’ knowledge.

    From past experience, at least one more devastating Android security exploit will be revealed this month. Let’s watch…

    Google, you suck.

  4. The Australian banks have steadfastly refused to adopt Apple Pay, despite Apple iOS products having the largest percentage of users in Australia – more than any other country in the world.

    The Australian economic system is dominated by “cartels” – the whole country has only two grocery store chains, and they both use their political power to stop chains like Costco from expanding. So to is the banking system corrupted.

    I hope this breach causes the banks a squillion.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.