back to article Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws

Data-stealing spyware disguised as a banking rewards app is targeting Android users, Microsoft's security team has warned. The malware, which can be remotely controlled by miscreants once it has infected a device, appears to be an updated version of an Android software nasty first observed in 2021. Back then it was seen …

  1. druck Silver badge
    FAIL

    What do you expect?

    As we've said before, it's nice that Microsoft is pointing out cybersecurity issues in other people's code – raising awareness is good for users – but it's strange to see Redmond making a song and dance about this sort of thing when it routinely downplays the scores of vulnerabilities it fixes in its own products every month.

    If you can't fix your own shit, throw some at your competitors.

    1. werdsmith Silver badge

      Re: What do you expect?

      It’s not a song and dance though, it’s just the security team doing their job in the routine way. The article even includes a breakout panel with information released about another of MS own vulnerabilities.

      The article is more of the same old stuff deliberately written to trigger the Rigsbys so they can write the same old whinges in the comments.

      1. Tilda Rice

        Re: What do you expect?

        Yeah. MS publish a very detailed doc every month for patch Tuesday declaring its exposed bits.

        They publish every CVE. Which means you can see each CVSS 3 score.

        Place is getting like The Verge.

  2. Anonymous Coward
    Anonymous Coward

    Sauce for the goose is sauce for the gander

    "As we've said before, it's nice that Microsoft is pointing out cybersecurity issues in other people's code – raising awareness is good for users – but it's strange to see Redmond making a song and dance about this sort of thing when it routinely downplays the scores of vulnerabilities it fixes in its own products every month."

    You should at least refer to the fact that Google regularly point out other people's security flaws, whilst having plenty of their own too.

    1. Jamie Jones Silver badge

      Re: Sauce for the goose is sauce for the gander

      Where's the security flaw?

      I just see an app doing what the user has given it permission to do.

  3. Jamie Jones Silver badge

    Where's the security flaw?

    They download an app from an unauthorised source. They ignore the warnings, install it, and grant it loads of permissions. They then provide their card details.

    It's hardly fair to then call the device "infected".

    If I go out, and give my PIN and card to a random stranger, I can't then claim the bank is insecure when my account is drained.

    The annoying thing about this, is that with each new subsequent android version, functionality is removed, simply because having the permission behind a setting isn't good enough for the stupid, and the press blame android for being insecure. Most of my android utilities these days don't work properly without root.

    1. Anonymous Coward
      Anonymous Coward

      Re: Where's the security flaw?

      It's a "security flaw" because it is not a Microsoft product and thus serves greatly to distract your attention from their own problems.

      "Things will go wrong if a user behaves like an idiot" doesn't quite have the same desired effect.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like