A phisher hoping to harvest bank login details managed to smuggle his app onto the Android app store. Malicious apps posted by Droid09 were quickly identified, prompting a warning to legitimate users and a ban for the VXer. Google s new password checkup tool joins other similar services including Have I Been Pwned and Mozilla’s Firefox Monitor. Researchers find six previously unknown memory corruption and unlock-bypass vulnerabilities in major chipset vendors firmware code. Read the full article.
Source: https://threatpost.com/android-app-rogue-phishing-scam-011110/73347/