Download our in-depth report: The Ultimate Guide to IT Security Vendors
Krebs on Security's Brian Krebs reports that a malware developer recently announced on an online forum that he was willing to pay $100 for verified Google Play developer accounts, which can be used to make malware seem like a legitimate app.
"Google charges just $25 for Android developers who wish to sell their applications through the Google Play marketplace, but it also requires the accounts to be approved and tied to a specific domain," Krebs writes. "The buyer in this case is offering $100 for sellers willing to part with an active, verified Play account that is tied to a dedicated server."
"The same wheeler-dealer is also selling an Android mobile malware creation toolkit that targets banking customers of Citibank, HSBC and ING and many other banks in multiple countries ... The Perkele (a Finnish curse word for 'devil' or 'damn') malware sold by the trickster is designed to intercept incoming SMS messages from banks sent to infected Android phones," writes The Register's John Leyden.