It looks like they are doing it after app install with a malicious patch. This patch asks for SMS and accessibility access to gain privileges necessary to get into the banking apps. I haven’t thoroughly read it but just looking at the attack chain that’s what I gleaned.
As a curious Android user this comment is useless to me
For a real answer here’s the Zscaler blog write up: https://www.zscaler.com/blogs/security-research/technical-analysis-anatsa-campaigns-android-banking-malware-active-google
It looks like they are doing it after app install with a malicious patch. This patch asks for SMS and accessibility access to gain privileges necessary to get into the banking apps. I haven’t thoroughly read it but just looking at the attack chain that’s what I gleaned.
Ugh, TIL zscaler actually does more than just send my PII to the USA without my consent.
As an Android developer that comment makes me sad. Then I remind myself that Lemmy is full of people who migrated from Reddit.
We each have our specialties, and it would be unreasonable to ask that everyone share yours.
Dude, do you not want people on this platform? Reddit migrants come with baggage yes but I’d rather that than the husk that was Lemmy before.
I’m not gonna scream back at you,… I’m just going to walk back… very… very… slowly…errrrrrrr