An Android Trojan that targets mobile banking users has evolved into a sophisticated, persistent and hard-to-detect threat. Researchers from security firm FireEye first documented the Trojan in December and named it SlemBunk. The Trojan can spoof the user interfaces of apps from at least 31 banks from across the world and two mobile payment service providers. The latest versions of the Trojan are distributed through drive-by download techniques, predominantly when visiting porn websites. The attack is more complicated than it appears at first glance, because the APK downloaded during this first stage does not contain any malicious functionality.”]