Security firm Kaspersky Lab has uncovered a banking trojan that is being distributed via Google AdSense, and is therefore able to force itself on users with no interaction.
"We encountered a gratuitous act of violence against Android users. By simply viewing their favourite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q," warned the Kaspersky researchers in a blog post.
"It turns out the malicious program is downloaded via the Google AdSense advertising network. Be warned, lots of sites use this network - not just news sites - to display targeted advertising to users. Site owners are happy to place advertising like this because they earn money every time a user clicks on it.
"But anyone can register their ad on this network - they just need to pay a fee. And it seems that didn't deter the authors of the Svpeng trojan from pushing their creation via AdSense. The trojan is downloaded as soon as a page with the advert is visited."
These kind of attacks are not new, and Kaspersky blurted out an alert about an incident at the Meduza news portal in July which has since been fixed.
"The Svpeng family of banking trojans has long been known to Kaspersky Lab and possesses a standard set of malicious functions. After being installed and launched, it disappears from the list of installed apps and requests the device's admin rights," the post continued.
"Svpeng can steal information about the user's bank cards via phishing windows, intercept, delete and send text messages (this is necessary for attacks on remote banking systems that use SMS as a transport layer) and counteract mobile security solutions that are popular in Russia by completing their processes.
"In addition, Svpeng collects an impressive amount of information from the user's phone: the call history, text and multimedia messages, browser bookmarks and contacts."
Ultra-high-end all-in-one PCs from HP feature either 24-inch or 27-inch displays
Roomba 'smart' vacuum cleaner company iRobot plans to sell maps of users' homes to Apple, Amazon and Google
'Smart' products spying on their owners and selling the data for profit? Who'd have thought it!
TNT Express still struggling with NotPetya malware - crucial documents remain locked up in borked systems as staff grapple with manual procedures
TNT depots over-flowing with parcels as the company struggles to recover from NotPetya - while Reckitt Benckiser reports 'ongoing' recovery
Full roll-out of Android O expected within weeks