Kaspersky Lab detects malware targeting Android users via Google AdSense

Anne Freier

In Mobile Advertising Blog. August 18, 2016

Security researchers at Kaspersky Lab have found malware that specifically targets Android smartphone users. The banking Trojan called last-browser-update.apk essentially wants to steal a user’s banking details. It does this by opening a phishing window that duplicates data which users enter. In addition, it can read and delete text messages sent to users by banks.
Kaspersky Lab warns of banking Trojan hijacking via Google AdSense
Source: securelist.com
Worryingly, it can also be downloaded via Google AdSense, which displays targeted ads to users. AdSense ads do appear everywhere, from small blogs to big sites. The malware is being downloaded when a page with the advert is visited.
Google declined to comment on the matter. However, the Svpeng Trojan family is well known to Kaspersky Lab and has previously launched a series of banking malware. Once installed, the Trojan hides from the list of apps on one’s phone. This makes it much harder to detect and remove it.
In addition, Svpeng also collects other user data such as call history, text messages and browser bookmarks.
Users can avoid downloading the virus, by keeping the security settings up on their phones. Android doesn’t run unknown apps unless it is told to do so. Right now, the malware targets Russian users so the rest of the world may be able to sigh in relief.
However, it’s pretty embarrassing for Google nonetheless and should be sorted swiftly in order to avoid heated ad blocking debates.