In case you missed it: Bank info-stealing malware found in 90+ Android apps with 5.5M installs (mashable.com)
from return2ozma@lemmy.world to technology@lemmy.world on 02 Jun 2024 08:58
https://lemmy.world/post/16088426

#technology

threaded - newest

shortwavesurfer@monero.town on 02 Jun 2024 09:09 next collapse

And this right here is why you use open source apps.

jeena@jemmy.jeena.net on 02 Jun 2024 10:09 next collapse

This only would work if you check every line of source code, even the dependencies and build chain, and then build it yourself. See xz utils backdoor or heartbleed, etc.

Excrubulent@slrpnk.net on 02 Jun 2024 10:25 next collapse

The whole point is that at some point somebody can check, and you can have a higher level of trust in that than proprietary software.

And if someone does something like this then it has to be disguised as an innocuous bug, like heartbleed, they can’t just install full on malware.

It’s a different beast entirely.

dalakkin@lemmy.world on 02 Jun 2024 10:52 next collapse

There is no guarantee that the released app is exactly the same as the source code when getting it on Google Play. You’d have to decompile or compile from source and try to compare.

Using F-Droid is good alternative.

Jako301@feddit.de on 02 Jun 2024 11:05 collapse

If we are talking about bigger projects with hundreds of thousands or millions of downloads, than this may be true. But smal scale projects have so few people actively looking through them that even to automatic scan done by the playstore has a higher chance of catching malware. It doesn’t even have to be bad intent, two years ago there was a virus propagating trough the Java class files in minecraft mods which reached the PCs of quite a few devs before it was caught.

I don’t dislike FOSS, a lot of the apps I use come straight from github, but all this talk about them beeing constantly monitored by third parties is just wishful thinking.

Excrubulent@slrpnk.net on 02 Jun 2024 13:47 next collapse

Okay, but that’s a different claim than that you have to personally vet and compile every single thing you use, which is what I was responding to.

Open source isn’t perfect, but it is objectively and obviously better than closed.

jeena@jemmy.jeena.net on 02 Jun 2024 21:40 collapse

My whole point is that you can not point to a 3rd party checking for you and claim that it secure because someone else already checked. And I brought two examples which contradict this claim.

Miaou@jlai.lu on 02 Jun 2024 20:59 collapse

I’m not sure you’re understanding the argument: you cannot monitor closed source, therefore, you have at least as many eyes looking at my random crap on github as you do on the random crap some companies are doing.

Jako301@feddit.de on 02 Jun 2024 23:55 collapse

And you didn’t understand what I said. While you can not monitor closed source at the code level, you definitely can monitor the apps behaviour. Even the automatic threat protection from the playstore protect function is worth more than the measly amount of people looking through smaller projects codebases.

I hate Google with a passion, but with all their control over android devices, they are more than capable of scanning apps for malicious behaviour and automatically removing them. These few apps in the article are the 0.01% of malicious apps that their algorithm didn’t detect.

hydroptic@sopuli.xyz on 02 Jun 2024 10:28 next collapse

Exactly. Neckbeards love to pretend open source magically has no security vulnerabilities, and that the ability to inspect the source means you’ll never install anything nefarious.

I expect all of them to have read the source for every single package they’ve ever installed. Oh and the Linux source too, of course

steersman2484@sh.itjust.works on 02 Jun 2024 11:07 next collapse

Yes, opensource doesn’t magically fix all vulnerabilities. But it is for sure way better then closed source, where you don’t have a way of auditing the code

jbk@discuss.tchncs.de on 02 Jun 2024 13:06 next collapse

Neckbeards love to pretend open source magically has no security vulnerabilities

Who does? Feels like you’re just talking about inexperienced “btw i use arch” kinda skiddies

Bezier@suppo.fi on 02 Jun 2024 13:38 next collapse

I have never seen anyone make that claim.

Lots of arguments saying it’s an improvement, but never that it magically fixes everything.

autonomoususer@lemmy.world on 02 Jun 2024 16:23 collapse

Another classic lie. ‘Open source’ misses the point of libre software. Anti-libre software [malware] bans us [everyone else] from removing malicious source code.

NaiveBayesian@programming.dev on 02 Jun 2024 10:53 next collapse

The thing is we only know about these vulnerabilities in such great detail because the projects are open source. God knows what kund of vulnerabilities are hidden in closed source software.

jeena@jemmy.jeena.net on 02 Jun 2024 11:22 collapse

Yes, but we don’t know what we don’t know. There are many problems like that in open source too, and even if we can look nobody does.

Therefore I find it problematic to say that just because you use open source programs you’re safe like the parent tried to.

NaiveBayesian@programming.dev on 02 Jun 2024 12:25 collapse

Yes, important to keep in mind that software being open source doesn’t automagically make it secure™.

Still, I think it’s important to stress that the benefits of open source outweigh the risks when it comes to security (imho).

jeena@jemmy.jeena.net on 02 Jun 2024 12:56 collapse

I agree with that.

I don’t agree with how it has been presented by the grandparent here as if open source somehow automatically makes it secure.

shortwavesurfer@monero.town on 02 Jun 2024 12:29 next collapse

Yes, of course. However, when it’s open source, at least somebody is capable of checking those things, even if it is not you. Somebody in the community is capable of doing so.

jeena@jemmy.jeena.net on 02 Jun 2024 12:55 collapse

Yes, that is true, but let’s not pretend that just because some one is theoretically able to, that all source code is constantly monitored by 3rd parties.

shortwavesurfer@monero.town on 02 Jun 2024 13:01 next collapse

Oh, absolutely, that’s true. Definitely smaller projects have less audited code, and even bigger projects can have bugs. Heart bleed ring a bell, LOL. However, when open source software has a bug and it is discovered, it is fixed by somebody in record time, whereas in closed source software, you don’t know that there is a bug that can be exploited and it definitely won’t be fixed until it’s reverse engineered or something or exploited.

EngineerGaming@feddit.nl on 03 Jun 2024 02:19 collapse

Being open-source is not sufficient, but necessary.

redcalcium@lemmy.institute on 02 Jun 2024 15:12 next collapse

If you download apps from fdroid, at the very least you can be sure that the binary is 100% generated from the provided source code, the devs can’t pull a switcheroo like submitting an altered version of app (e.g. inserting malware) that doesn’t match the published source code.

Peffse@lemmy.world on 02 Jun 2024 16:12 collapse

With the new changes to the repo management, that’s not going to remain true for much longer.

autonomoususer@lemmy.world on 02 Jun 2024 16:41 collapse

check every line … yourself.

🚩🚩🚩

A very classic lie, disinformation, used to spread anti-libre software. Anti-libre software bans us, not only me but everyone else, from removing malicious source code.

jeena@jemmy.jeena.net on 02 Jun 2024 21:43 collapse

Very disingenuous of you to fight a strawman and proclaim victory by claiming that I said things which I never did. But if that’s what floats your boat. But for everyone else, try to find any mention of anti-libre software in the original claim.

[deleted] on 02 Jun 2024 22:14 next collapse

.

jeena@jemmy.jeena.net on 02 Jun 2024 23:10 collapse

What are you talking about? You are digging yourself in a trench against me for some reason and you dig deeper every time. I have no idea what your agenda is, but I am stopping participation in it.

I don’t know about you but I have always been a free software advocate, see

But anyway, I’m not interested in whatever this discussion derailed into.

autonomoususer@lemmy.world on 04 Jun 2024 17:26 collapse

Then, you would know anti-libre software bans, not you, us separately and together from proving its claims and removing malicious source code.

autonomoususer@lemmy.world on 02 Jun 2024 22:14 collapse

‘Open source’ is created to subvert libre software.

autonomoususer@lemmy.world on 02 Jun 2024 16:52 collapse

‘Open source’ misses the point of libre software.

interdimensionalmeme@lemmy.ml on 02 Jun 2024 18:49 next collapse

They used to be synonymous. Of course now we have conbtributor licenses

autonomoususer@lemmy.world on 02 Jun 2024 19:32 next collapse

It was invented to derail libre software.

[deleted] on 02 Jun 2024 20:16 collapse

.

shortwavesurfer@monero.town on 02 Jun 2024 20:18 collapse

You’re right, I should clarify better. When I say open source, what I mean is totally open and totally free to contribute to, like the MIT or patchy licenses. Source viewable is a whole different can of worms and not what I mean, so I should be more specific in future.

autonomoususer@lemmy.world on 02 Jun 2024 20:49 collapse

Contributing isn’t the point. AGPL helps us keep control of our own computing.

NeatNit@discuss.tchncs.de on 02 Jun 2024 09:29 next collapse

no list of apps anywhere

original_reader@lemm.ee on 02 Jun 2024 09:47 collapse

Jup. It just says that “the malware was disguised as PDF and QR code readers”.

Not helpful, Mashable. Not helpful at all.

Skua@kbin.earth on 02 Jun 2024 10:07 next collapse

In fairness to Mashable, this isn't their fault. The people that made the report didn't make the list public.

steersman2484@sh.itjust.works on 02 Jun 2024 11:04 collapse

Then why is this the subtitle:

The apps identified have since been removed from Google Play, but make sure you didn’t install one.

Passerby6497@lemmy.world on 02 Jun 2024 13:22 collapse

Because tech journalism is trash on the best days, and these android malapps articles only ever amount to blogspam to make you nervous. I don’t think I’ve seen more than a handful of these articles that actually warns you about the actual apps instead of just talking about the problem without relevant specifics.

bitfucker@programming.dev on 02 Jun 2024 13:34 collapse

I think I may know a few of those. But not through play store. They usually scam someone by saying they got a packet on their way and their tracking number must be opened on an app that they send via messaging apps.

mundane@feddit.nu on 02 Jun 2024 09:56 next collapse

Anatsa uses advanced techniques to avoid >detection and gain access to banking >information.

Anyone who knows what those advanced techniques are?

mtchristo@lemm.ee on 02 Jun 2024 10:56 next collapse

Aren’t apps on android hermetically sealed from other apps and malware. How could this be achieved ?

eskimofry@lemmy.world on 02 Jun 2024 11:16 next collapse

As a developer this question is hilarious to me

catnip@lemmy.zip on 02 Jun 2024 11:23 next collapse

Why? They’re absolutely right. The article doesn’t say anything about a root exploit or phishing either so were left wondering…

Tyfud@lemmy.world on 02 Jun 2024 17:48 next collapse

He’s being condescending because he believes as a developer nothing is actually fully secure. If I spend 100 hours building and securing something, that’s not going to stack up very favorably vs the 1,000’s or even 1,000,000’s of hours attackers and communities can spend trying to break my security layers.

Basically, he’s a dick in how he answered the question, but the truth every software engineer learns, is that there is no fully secure system. There’s always an angle/attack vector you didn’t think of and secure.

Miaou@jlai.lu on 02 Jun 2024 20:55 next collapse

Of course there are (or there can be) fully secure systems. The problems come when you assume something is.

eskimofry@lemmy.world on 08 Jun 2024 07:20 collapse

Hey but that wouldn’t make money to companies like google ot samsung.

Your smartphone is itself a security hole. It has 10+ sensors on it nowadays and who knows how many apps lying about their privacy promises.

eskimofry@lemmy.world on 08 Jun 2024 07:10 collapse

Hey I was just trying to make a joke… but looks like I didn’t consider the wording too carefully.

dev_null@lemmy.ml on 03 Jun 2024 16:05 collapse

They actual report does say it just displays a fake login page. It’s just phishing.

NeatNit@discuss.tchncs.de on 02 Jun 2024 12:20 next collapse

please enlighten the rest of us

OutlierBlue@lemmy.ca on 02 Jun 2024 13:32 next collapse

As a curious Android user this comment is useless to me

Hobo@lemmy.world on 02 Jun 2024 15:29 next collapse

For a real answer here’s the Zscaler blog write up: zscaler.com/…/technical-analysis-anatsa-campaigns…

It looks like they are doing it after app install with a malicious patch. This patch asks for SMS and accessibility access to gain privileges necessary to get into the banking apps. I haven’t thoroughly read it but just looking at the attack chain that’s what I gleaned.

Miaou@jlai.lu on 02 Jun 2024 20:51 collapse

Ugh, TIL zscaler actually does more than just send my PII to the USA without my consent.

trolololol@lemmy.world on 02 Jun 2024 20:41 collapse

As an Android developer that comment makes me sad. Then I remind myself that Lemmy is full of people who migrated from Reddit.

CalamityPayne@jlai.lu on 02 Jun 2024 22:41 next collapse

Dude, do you not want people on this platform? Reddit migrants come with baggage yes but I’d rather that than the husk that was Lemmy before.

trolololol@lemmy.world on 03 Jun 2024 07:46 collapse

I’m not gonna scream back at you,… I’m just going to walk back… very… very… slowly…errrrrrrr

Liz@midwest.social on 03 Jun 2024 02:59 next collapse

We each have our specialties, and it would be unreasonable to ask that everyone share yours.

eskimofry@lemmy.world on 08 Jun 2024 07:22 collapse

Hey don’t pretend that you didn’t migrate as well.

Guy_Fieris_Hair@lemmy.world on 02 Jun 2024 14:55 next collapse

Explain yourself

eskimofry@lemmy.world on 08 Jun 2024 07:19 collapse

There’s no such thing as perfect security… unless your application is trivial and doesn’t do very much. Android is designed to collect data from the dozen plus sensors on your phone in order to get money from app vendors to push ads.

Nima@leminal.space on 02 Jun 2024 15:05 collapse

and one day you’ll say why, right?

eskimofry@lemmy.world on 08 Jun 2024 07:17 collapse

Android as a system has too many moving parts. You not only have to worry about various device manufacturers compiling their own versions of AOSP, you have to worry about how manufacturers package unremovable apps like facebook, candy crush, etc.

The backdoor is actually the front door… and it is app vendors who are actually the customers… not the phone owners.

The main reason smartphones took off is that business people were salivating at an always on, always listening device with 10+ sensors collecting data on this whole world. And we pay for the privilege.

Android has to be designed to collect data and show you ads. Is it really surprising that security here is just security against free access to this data from outsiders… and not caring about your security?

whyrat@lemmy.world on 02 Jun 2024 15:34 next collapse

Since the other reply was unhelpful: apps are supposed to have limited privileges and isolation from each other, yes… But the whole point of malware like this is that they figure out ways to break those restrictions and get escalated privileged.

You can get more technical detail from reading the report, in this case it looks like the app does not contain malware, but instead requests an update after install that contains the bad code and then breaks the app limitations and scans for the target banking applications and copies the security certificates.

dev_null@lemmy.ml on 03 Jun 2024 16:00 collapse

Yes, the app doesn’t steal any information from other apps. The report says the malware just displays a fake bank login page, in the hope the user gives it their details willingly.

sfcl33t@discuss.tchncs.de on 02 Jun 2024 11:51 next collapse

From the actual report:

"Over the past few months, we identified and analyzed more than 90 malicious applications uploaded to the Google Play store. These malware-infected applications have collectively garnered over 5.5 million installs.

Recently, we noticed an increase in instances of the Anatsa malware (a.k.a. TeaBot). "

So not 5.5M installs of this specific malware, FWIW

Hedup@lemm.ee on 02 Jun 2024 13:40 next collapse

I got many apps installed. I don’t keep in my memory what I have. How do I check that I don’t have any from those compromised?

tomjs@lemdro.id on 02 Jun 2024 16:43 collapse

Go to Settings and search for Google Play Protect. Tap Scan, and if it results in No harmful apps found, you’re safe.

Pxtl@lemmy.ca on 02 Jun 2024 14:37 next collapse

As somebody who occasionally had to develop for android: the churn of improvements to app security was a huge pita. And as a user I know many of the abandoned apps that I liked that lost compatibility was for that reason.

So the fact that in spite of this pain, Android security still allows apps to do horrible crap like that is infuriating.

atrielienz@lemmy.world on 02 Jun 2024 16:02 next collapse

The app doesn’t contain malware when it’s uploaded to the play store. It forced an update after it’s installed that contains the malware.

Pxtl@lemmy.ca on 02 Jun 2024 17:23 next collapse

That’s not what I mean. I’m not thinking about Play Store security, but Android OS security. Like, your app physically has to ask for permission (or even require the user manually change settings) to do most unsafe things.

efstajas@lemmy.world on 02 Jun 2024 19:29 next collapse

Physically? So the dev has to come ask you in person?

NikkiDimes@lemmy.world on 03 Jun 2024 02:50 collapse

By mail, even

dev_null@lemmy.ml on 03 Jun 2024 15:53 collapse

It does, you have a full screen scary warning when an app asks for these accessibility permissions. Clearly many people just give it to a random QR code reader app for some reason.

werefreeatlast@lemmy.world on 02 Jun 2024 17:39 collapse

So I could write an app that is okay on the Google store, then change it to steal people’s information? Hmmm 🤔 that gives me an idea…hahh! Too many projects at the moment.

efstajas@lemmy.world on 02 Jun 2024 19:43 next collapse

If you read the original report, it says that it basically just displays a fake banking login page. It also says that it requested accessibility service permissions, which makes me think maybe it brought up the fake login pages “in the right moment” (as in as users opened their banking apps) to make it more convincing, even though the article doesn’t specify that.

Either way, IMO the problem here is clearly with the Play Store allowing this app in, and not with Android’s security itself. These apps are misusing the accessibility service system, which is obviously necessary for a ton of important use cases (and of course also requires the user to grant very explicit permission). The fact that the accessibility services are a thing doesn’t delegitimize Android’s security improvements over the years.

ji17br@lemmy.ml on 03 Jun 2024 01:26 collapse

If a user can open their baking app, and this app can sense that and open instead, then that is 100% an Android issue. That behaviour shouldn’t be possible.

Liz@midwest.social on 03 Jun 2024 02:56 collapse

“Accessibility service permissions” is a higher level of permissions than most apps get and Android will be all like “bro, are you sure you want to grant this app that kind of access and control? You really sure?” I’ve got a few apps on my phone with that level of permissions including one written by Google. They’d simply be unable to do their job without that level of access, jobs which have been straight-up good for my physical health. Ultimately there’s a balance between security and letting the user do what they want.

dev_null@lemmy.ml on 03 Jun 2024 16:03 collapse

According to the report, the app just displays a fake login page. I don’t see a good way to prevent this.

helpImTrappedOnline@lemmy.world on 02 Jun 2024 16:48 next collapse

Am I just missing it, or is there no list of of these infected apps on the posted article or the reference the article links to. To me, that is the most important information.

beefbot@lemmy.blahaj.zone on 02 Jun 2024 17:06 next collapse

Agreed. If this article didn’t contain a way to check the apps, that would be irritating

Vendemus@lemmy.world on 02 Jun 2024 21:31 collapse

It is about halfway down the article, but you have to dodge a few adds to get to that part.

“The two apps mentioned in the report were called “PDF Reader and File Manager” by Tsarka Watchfaces and “QR Reader and File Manager” by risovanul.”

helpImTrappedOnline@lemmy.world on 02 Jun 2024 21:54 collapse

Well, I did miss that, I was skimming for something like a large list or table. That still leaves 86/90+ unlisted.

the_doktor@lemmy.zip on 02 Jun 2024 19:48 next collapse

Can’t steal my bank info if I use cash only…

LifeInMultipleChoice@lemmy.world on 03 Jun 2024 00:26 next collapse

That is correct, but you do lose out on all investments that have generated the wealth to make people wealthy these days.

So let’s say inflation was 4 percent for the year and you could have made 10 percent invested in stocks for the year, you would have made 6% profit on your money for the year. Instead you lost 4% that year.

That difference could make or break someone long term, completely different retirement options.

the_doktor@lemmy.zip on 03 Jun 2024 08:58 collapse

Everything’s going to collapse in the next 10-20 years anyway.

LordWiggle@lemmy.world on 03 Jun 2024 00:36 next collapse

How though. Over here cash isn’t accepted anymore at most places. I only use cash for buying drugs. Most stores and groceries only accept card. Same with bars and clubs. I honestly have no idea besides drugs what to use cash for.

the_doktor@lemmy.zip on 03 Jun 2024 08:59 collapse

I cannot imagine such a dystopian, nightmarish place where you can only pay with something that personally identifies you. Congrats for living in a nightmare. I’d leave.

LordWiggle@lemmy.world on 03 Jun 2024 09:31 collapse

Yeah, sure, where to? I live in the Netherlands, one of the wealthiest countries. I’ve seen many parts of the world in my time in the navy. There aren’t many places better then here, honestly. Only Norway scores higher, they have a lot of things worked out much better then the rest of us. But paying with plastic is very common there too. Also, digitalization doesn’t have to be bad. Look at Estonia, I think many countries can benefit from their system. See here a video on it by Kraut. There’s a difference between digitalization and a system like China has. But my expenses should be private at least, so cash would be best. They just make it harder every day. We used to be able to say “I’m not interesting, no one cares what I do, no one is going to check me”. But now we have AI, now every one of us indeed IS interesting. And everyone is being checked to teach the algorithm. Countries with few laws to protect privacy and welfare of it’s inhabitants, like the US for example, can turn to a totalitarian control state in no time with just one crazy idiot as a leader. At least the US never had idiots as president 👀. At least the US doesn’t have a history of wanting to collect everyone’s data 👀. At least they are not actively doing anything with the data, like China or Russia does 👀.

But on your point of living in a dystopian world: Yeah, we fucking do. But it doesn’t matter where we live. It’s dystopian everywhere. We live in World War III while we have to fight to get the bare minimum of privacy, we must work our ass off for the bare minimum of living standards and we buy products we do not own. Difference between the rich and poor has never been as high as now and the military strongest countries are run by idiots and dictators. Mass amount of people see Elon Musk as our savior for a better future, the biggest narcissistic hypocritical scam artist our there. At least Trump isn’t president anymore. Oh wait… Seriously, the movie Idiocracy isn’t a comedy, it’s a documentary. I seriously think the US would benefit if it had Dwayne Elizondo Mountain Dew Herbert Camacho as president over Trump.

While the rest of the world turns more extremist every day (especially right wing) with rising world tensions.

So if I plan on moving it will be out of the world of the living at best.

PipedLinkBot@feddit.rocks on 03 Jun 2024 09:32 next collapse

Here is an alternative Piped link(s):

See here a video on it by Kraut.

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I’m open-source; check me out at GitHub.

the_doktor@lemmy.zip on 03 Jun 2024 15:54 collapse

It’s funny how in our dystopian America (and I agree, it is), at least we can still pay for things anonymously.

What a concept.

LordWiggle@lemmy.world on 03 Jun 2024 17:21 collapse

In Berlin people will hate you if you’d draw your card. But to get cash is hard, not many ATM’s. Also in many countries the limit of what you can withdraw and deposit is being lowered more and more. But at least it helps against criminality. But it’s not like they care about that in the US seeing the corrupt judiciary system, privatized incarceration system (including slavery), corrupt and racist police, organized crime with tight connections to government officials, the insane amount of guns widely available (including military guns), the massive drug use, etc etc.

But at least they have their freedom. Or well, except for the insane amount of incarcerated people. Oh and if you’ve got a really weird and twisted idea of freedom. Like, free to grab a gun if you want to shoot around at your school, but not free to feel safe anywhere anytime. No safety you won’t become homeless if you have a medical issue. But you’re free to do forced free labor when you get wrongfully incarcerated for being black, or because the incompetent jury fell for the charmes of the prosecuter or didn’t like the face of your lawyer.

Talking about dystopian, the US really ticks all the boxes. They could do a great dystopian TV show. Every season a different dystopian world. US, China, North Korea, Russia, Turkmenistan, South Africa, Venezuela, etc. I’d watch that.

ji17br@lemmy.ml on 03 Jun 2024 01:24 collapse

You’re only robbing yourself if you go cash only. $1 will be worth less tomorrow than it is today.

the_doktor@lemmy.zip on 03 Jun 2024 09:00 collapse

The $1 in your scam account is worth the same as a real $1 bill. Maybe less when the entire financial system inevitably collapses in on itself as the rest of the world does and people will actually value real money again.

ji17br@lemmy.ml on 03 Jun 2024 14:28 collapse

If that actually happens money is literally just paper at that point.

The $1 in my account actually grows. Sorry you don’t understand basic finance.

the_doktor@lemmy.zip on 03 Jun 2024 15:53 collapse

It “grows” because you don’t own it and these scamming places want to encourage you to “invest” in their scam. It’s like investing in any other scam. At the end you can be screwed over by all these banks – as I have so many times because they don’t care about me or my money – and decide to destroy every bit of savings I have because of some “error” that they ultimately blame on me.

No thank you. I have been scammed by banks (and credit unions) far too many times in my life. They’re just greedy, hateful businesses, like any others, and you shouldn’t trust them. Just part of our capitalist nightmare.

ji17br@lemmy.ml on 03 Jun 2024 15:59 collapse

Damn dude. You really have no clue. You lend the bank your money. They can use that money to lend to others. They give you some of the profit.

If you deposited money in a bank, and they told you it’s now their money and you own nothing, then you didn’t deposit money in a bank.

You are clearly leaving out important details. Banks can’t just take your money.

The fact that it seems to have happened multiple times to you is extremely suspicious.

the_doktor@lemmy.zip on 03 Jun 2024 16:22 collapse

They have. Multiple banks and a credit union. Mismanaged my money and screwed me over while I was trying to get it right leading to owing them huge fees and ultimately no money in the account. Never again.

But just keep throwing money at the scam and have every single store track your purchases by your credit card. I refuse to participate in such a nightmarish society.

ji17br@lemmy.ml on 03 Jun 2024 18:16 collapse

Again, I believe you are leaving out key details. They didn’t just take your money.

My assumption is that you didn’t understand how banking fees work and overdrafted your account or something. Perhaps got a credit card and only made minimum payments, which essentially just covers the interest.

the_doktor@lemmy.zip on 04 Jun 2024 12:06 collapse

I understood just fine. I knew what they were supposed to do and how. I knew about fees, about account limits where you have to have a minimum amount to not pay any monthly fee, I knew everything about their corrupt little operation except for, apparently, their ability to take away your money at a moment’s notice and I have to go in and show them I had more, to which they ignored me and didn’t give me any real reason beyond “it’s not us, it’s you” bullshit despite extensive records I had.

They don’t care. It’s all about screwing over people who are struggling to bottom them out of society so they can never recover. Fuck the system.

starman2112@sh.itjust.works on 02 Jun 2024 22:16 next collapse

These articles are useless without a damn list

foremanguy92_@lemmy.ml on 03 Jun 2024 09:04 collapse

Right

Sam_Bass@lemmy.world on 03 Jun 2024 00:25 next collapse

AI probably “wrote” that

whereBeWaldo@lemmy.dbzer0.com on 03 Jun 2024 10:25 next collapse

Hello EVERYONE here’s a list of 50 unbelieveable products that will change your life and grant you immortality:

loudWaterEnjoyer@lemmy.dbzer0.com on 03 Jun 2024 10:38 next collapse

I’ recommend to just read the report https://www.zscaler.com/blogs/security-research/technical-analysis-anatsa-campaigns-android-banking-malware-active-google

ulkesh@lemmy.world on 03 Jun 2024 14:50 collapse

iOS user: That’s a shame.

But seriously, this sucks and is why Google needs more rigorous vetting of apps that go into the store. Sure, you sideload, that’s your problem. But if on the Play Store, the general Android user would think there’s some good level of governance.

Of course there’s a measure of caveat emptor here. So hopefully it’ll teach people to be wary of what information they freely give out.

LOL, well I guess the Reddit masses are on Lemmy full swing now. Enjoy the malware, I’ll continue laughing about it.

SPRUNT@lemmy.world on 03 Jun 2024 16:40 collapse

<img alt="" src="https://lemmy.world/pictrs/image/5d153e33-3f11-4280-be73-34e8b82e74f4.gif">