Google finds apparently fraudulent banking applications on its Android Marketplace

News by Dan Raywood

Warnings have been made about fraudulent banking applications being posted on the Android Market.

Warnings have been made about fraudulent banking applications being posted on the Android Market.

Mikko Hypponen, chief research officer at F-Secure, claimed that Google's Android mobile operating system has been out for a while and is generating more and more interest, and that there had been some buzz about fraudulent applications being posted on its market.

One user noticed that there was ‘a whole bunch of banking apps released and I got thinking, what is stopping this developer from doing a man-in-the-middle and stealing information? Just about anyone can make an app and put it in the market'.

Another user commented that they had purchased a US banking app from ‘09Droid', and had been unable to find it anymore and was not able to find any further information on it.

Hypponen said that both apps were written by an anonymous developer known as 09Droid who had a whole collection of online banking applications for sale on the market.

He said: “These applications were being sold, but it's still unclear what exactly they did. We haven't been able to secure a copy for ourselves yet, so we don't know either.

“Since the applications were not developed or authorised by the banks themselves, they could not do real online banking from the Android device. Apparently they only opened the web interface of the online bank for the user. On the other hand, they could have stolen user credentials.”

Hypponen said that he could not ask the questions to the creator, as he was nowhere to be found, his applications have been removed from the market, and his contact information points to an empty Blogspot page.

The concern has led to affected banks assuming the worst and issuing public warnings to their customers.

A warning from Bayport Credit Union said: “To all mobile device users utilising the Android Marketplace. On 15th December 2009 Bayport Credit Union's mobile banking provider Mshift notified Google of a potentially unsafe application in the Android Marketplace. It is believed that fraudsters deployed fraudulent mobile banking applications to the Android Marketplace, using a phishing technique to attempt to gain access to mobile banking users' financial information.

“This potential phishing threat is impacting over 50 financial institutions worldwide. These applications were published by the developer ‘09Droid'. Google has since removed these specific applications from the Android Marketplace.”

Google has also removed applications relating to banks such as Alliance and Leicester, Bank of America, Barclays and Barclaycard, Deutsche Bank, HSBC US, Nationwide, Wells Fargo and Royal Bank of Canada.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews