SpyEye malware toolkit hits Android devices
The SpyEye malicious toolkit, which has made botnets out of computers running Microsoftâs Windows operating system, now threatens devices running Googleâs Android as well. Computer security firm Sophos said SpyEye, designed to steal banking credentials and confidential data, appeared to make the Android version some months after âcompetitor" Zeus did so. âWhen the user of a PC infected by the Windows version of SpyEye visits a targeted banking website, and when the site is using mobile transaction authorization numbers, the SpyEye Trojan may inject HTML content which will instruct the user to download and install the Android program to be used for transaction authorization," Sophos said in a blog post. SpyEye will not include an icon which would be displayed in the âAll apps" menu- a user will only find the package when âManage Applications" is launched from the mobile deviceâs settings. Also, the application uses the display name âSystem" so that it seems like a standard Android system application. The SpyEye for Android will be detected by Sophos products as Andr/Spitmo-A. âIt also seems that support for Android is increasingly becoming an important part of their product strategy," Sophos said. Avoiding detection Sophos said the malware will use different tactics to reinforce userâs opinion that it is a legitimate application. It applies for the following permissions Android permission: