South Korean Internet users interested in downloading copies of "The Interview" should be worried, as people are having their devices infected while trying to download the movie. Specifically, a Google Android mobile app, available for smartphones and tablets, has been circulating promising access to a pirated copy of the movie - but is instead stealing banking details, according to researchers from McAfee Labs, Center for Advanced Security Research Darmstadt, and Technische Universitate Darmstadt.
"It contains an Android Trojan detected by McAfee products as Android/Badaccents," according to cybersecurity expert Graham Cluley. "Android/Badaccents claims to download a copy of 'The Interview' but instead installs a two-stage banking Trojan onto victims' devices."
The malware targets Korean banks and Citi Bank, with stolen credentials then sent to a Chinese server. The app was reportedly hosted using the Amazon Web Service (AWS), but Amazon has denied the claim. Researchers say the malicious app has been downloaded more than 20,000 times.