Malware

You have no idea what you are talking about. [...] What is this "important financial data" that the the trojan is supposed to steal? Are you telling us that you are decompiled and reverse-engineered it? I don't think so.

Perhaps you have another reason why the folks behind this malware would be injecting malicious code into communications apps? Maybe they just want to see your Facebook photos.

Thomas A Reed wrote:

Perhaps you have another reason why the folks behind this malware would be injecting malicious code into communications apps?

Again, have you decompiled this code? If so, would you care to post the assembly? I can read that, can you?

Stealing financial information would be extraordinarily difficult. Such a task seems way beyond tha capabilities of whowever wrote this pathetic software. The trojan is probably just another Google ad scam. Trying to identify and steal financial information from users is a hard way to make money. It is far easier to create web traffic and wait for checks to show up in the mail.

It would be trivial to capture keystrokes in the browser, or intercept traffic destined for certain sites of interest (like PayPal, for example). But even if you insist on scoffing at such possibilities, one of the effects of some variants of this malware is causing redirects to phishing sites. Are you saying that phishing is not a realistic way for hackers to make money? I'd have to disagree with that.

In any case, your entire argument boils down to a "burden of proof" logical fallacy. You make claims that this malware isn't dangerous, and then require others to prove to you that it is. You are the one making extraordinary claims - that hackers would bother to create, distribute and update malware over many months, risking lengthy prison sentences, with no financial gain - thus the burden of proof is on you, not me.