An updated bit of bad software designed to lurk on the Android phones of users and steal their personal data has been uncovered, with this one engaging with the users and asking, very nicely, for credit card details and a selfie.
Discovered by the McAfee Labs Mobile Research Team, the latest trojan not only asks for banking details and some second factor data to help access people's accounts, but also wants a photo of the person under attack -- preferably of them holding up their driving license, passport or banking card for verification.
If you're prepared to hand over this much detail to an app you don't remember specifically putting on your phone, you almost certainly deserve to have your bank account emptied by bad people in hooded tops who will then spend your money on graphics cards and vaping equipment.
Installing the app is usually done by stealth, with it pretending to be a video codec or some sort of porn-enabling app. The design of the Android version mimics Google's Android Play toolset to make it a little more believable, which the creators no doubt assume will increase their chances of snaring someone's data and mugshot. [McAfee via Hot Hardware]