Security firm Kaspersky Lab has uncovered a banking trojan that is being distributed via Google AdSense, and is therefore able to force itself on users with no interaction.
"We encountered a gratuitous act of violence against Android users. By simply viewing their favourite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q," warned the Kaspersky researchers in a blog post.
"It turns out the malicious program is downloaded via the Google AdSense advertising network. Be warned, lots of sites use this network - not just news sites - to display targeted advertising to users. Site owners are happy to place advertising like this because they earn money every time a user clicks on it.
"But anyone can register their ad on this network - they just need to pay a fee. And it seems that didn't deter the authors of the Svpeng trojan from pushing their creation via AdSense. The trojan is downloaded as soon as a page with the advert is visited."
These kind of attacks are not new, and Kaspersky blurted out an alert about an incident at the Meduza news portal in July which has since been fixed.
"The Svpeng family of banking trojans has long been known to Kaspersky Lab and possesses a standard set of malicious functions. After being installed and launched, it disappears from the list of installed apps and requests the device's admin rights," the post continued.
"Svpeng can steal information about the user's bank cards via phishing windows, intercept, delete and send text messages (this is necessary for attacks on remote banking systems that use SMS as a transport layer) and counteract mobile security solutions that are popular in Russia by completing their processes.
"In addition, Svpeng collects an impressive amount of information from the user's phone: the call history, text and multimedia messages, browser bookmarks and contacts."
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff