Kaspersky warns that spreading malware targeting bank account information via Google AdSense is spreading

Kaspersky (Kaspersky), a security countermeasure company, sends malware "Svpeng"Has been delivered to Android smartphones. According to Kaspersky, a malicious program will be automatically downloaded when the website on which the AdSense ad is installed is loaded.

Good morning Android! - Securelist
https://securelist.com/blog/incidents/75731/good-morning-android/

Android malware spreads using Google AdSense advertising network: Kaspersky researchers - Business Insider
http://www.businessinsider.com/android-malware-spreads-using-google-adsense-advertising-network-kaspersky-researchers-2016-8

The threat revealed this time is that users of Android smartphones just watch the favorite news site as usual and the mysterious apk called "last-browser-update.apk" will be downloaded. The program was downloaded via the Google AdSense ad network, and it was said that it was downloaded automatically when the advertisement page was displayed.


According to Kaspersky, this time malware called "Svpeng" is about to be infected via AdSense, it has been a long time since Kaspersky kept marking it as a malicious and cautionful thing. Svpeng is known as a malicious rant thing wearing mobile phone user's data for "hostage", and Kaspersky under the situation that Svpeng is damaging mainly in the United States as Ransomware from 2014 to 2015 so,It is pointed out that there is an intention to steal financial data from code contentswas doing. After that, as expected by Kaspersky, Svpeng has confirmed that it implemented code to steal bank account information, and when infected with Svpeng it seems to steal account information from a window pretending to be a bank notice.


At the momentFishingIt is Russian bank account that has been confirmed as a target, and it is doubtful that the person related to Russia is involved in exploiting Svpeng. Svpeng, who is trying to gather bank account information, also collects information such as contacts, call logs, text messages, browser bookmarks, etc. Kaspersky Lab researcher says. By the way, Svpeng can become infected by "allowing installation of unknown application" but this setting is disabled in default state of Android smartphone. Therefore, it will not infect users unless this feature is activated.

The same case where malware is delivered from AdSense, the portal site in mid July 2016MeduzaBut as a result, Meduza has disabled AdSense ads.


Business InsiderI asked for comment on the situation Svpeng is infected via Google via AdSense, but I do not get answers.