Experts have uncovered a malicious mobile campaign that leverages the release of “The Interview.”
Researchers at McAfee teamed up with experts at the Technische Universität Darmstadt and the Centre for Advanced Security Research Darmstadt to uncover the ruse targeting South Korean Android users, according to a report by Graham Cluley.
A McAfee researcher told Cluley of a torrent being spread that poses as an Android app and promises to download the movie, but instead infects mobile devices with the 'Badaccents' banking trojan. The malware is hosted on Amazon Web Services and targets customers of Korean banks, in addition to Citi Bank, and includes code that only allows it to infect devices manufactured outside of North Korea.
Thus far as many as 20,000 devices have been infected, and researchers say bank account data was being sent to a Chinese mail server.