“The goal is to make the town progress by improving the resilience of its inhabitants,”
Sounds a bit like Stardew Valley?
I’d suggest Podman over docker if someone is starting fresh. I like Podman running as rootless, but moving an existing docker to Podman was a pain. Since the initial docker setup was also a pain, I’d rather have only done it once :/
For me the use case of K8s only makes sense with large use cases (in terms of volume of traffic and users). Docker / Podman is sufficient to self-host something small.
Since the other reply was unhelpful: apps are supposed to have limited privileges and isolation from each other, yes… But the whole point of malware like this is that they figure out ways to break those restrictions and get escalated privileged.
You can get more technical detail from reading the report, in this case it looks like the app does not contain malware, but instead requests an update after install that contains the bad code and then breaks the app limitations and scans for the target banking applications and copies the security certificates.