(Page 2 of 2)
“The iBanking/webinject scheme uses what is becoming a standard technique: first it infects the user’s PC, then it uses this position to inject code into the user’s PC Web browser on a trusted site, telling the user that the trusted site wants them to ‘sideload’ an Android app, ostensibly for security reasons,” Davis said. “The attack even includes instructions on how to change their Android settings to allow sideloading, which should be a big red flag but apparently isn’t.”
Davis said this leads to a couple of conclusions. First, he said, the PC is still the weak link in Internet security, both for individuals and for enterprises. Now more than ever, he said, users and organizations really need to run modern anti-malware solutions on computers used to access the Internet.
“Second, sideloading is a major vector for malware getting installed on Android devices. Although Android provides a warning about sideloading making your device more vulnerable when you enable it, it seems that warning isn’t strong enough,” Davis concluded. “Maybe they need bold, blinking red text saying, ‘Legitimate apps are rarely installed this way! You’re probably installing malware on your device!’”