Mobile Malware Creators Pay $100 for Active Google Play Accounts

Malware developers targeting Google’s Android platform are reportedly seeking new ways to establish trustworthy delivery channels for their creations. Cyber-criminals are listening to the old business adage that “one has to spend money to make money.”

According to a report by tech journalist Brian Krebs, an Android virus writer is offering as much as $100 for a verified developer account tied to a dedicated server. The report also mentions that the same buyer is providing a do-it-yourself Android malware creation toolkit dubbed Perkele used to intercept incoming SMS messages from banks.

Web-injector malware working in tandem with mobile banking malware for the interception of mTANs (Mobile Transaction authentication number) is nothing new – it’s an approach that Zeus (and ZitMo) has been using for quite a while. However, if these threats turn up on Google Play – or worse, in applications that have already built a reputation among its users, their rate of success will dramatically increase.

Mobile malware is not only aggressive adware: it is becoming more and more focused on reaching your pockets, either via premium-rate SMS scams or direct e-banking fraud. The emergence of malware automation toolkits for Android will lend a helping hand not only to long-time cyber-crooks, but also to newcomers who don’t have enough programming skills to develop their own malicious code.