Update Trojan hits South Korean banking app

Update Trojan hits South Korean banking app

06 AUG 2013

A vulnerability that allows cybercriminals to insert malicious code into installed apps via a downloadable update has hit a South Korean online banking app.

Trend Micro has found that the software, from NH Nonghyup Bank, which has been installed on five to 10 million mobile devices, was tweaked to offer a downloadable update from third party download websites.

The update uses the master key Android vulnerability to insert a malicious file into the app which leads users to a spoof page asking them to input their bank account information. If inputted, this information is sent to a malicious server controlled by the cybercriminal.

The miscreants also offered a version of the legitimate app that was already been ‘trojanised’.

As the scam involved tampering with apps already on devices, the effect may not be noticeable until it is too late. TrendMicro therefore recommends users only download apps or updates from trusted sources, such as app stores.


Tim Ferguson

Tim joined Mobile World Live in August 2011 and works across all channels, with a particular focus on apps. He came to the GSMA with five years of tech journalism experience, having started his career as a reporter... More

Read more