A total of 12 malicious Android apps in the Google Play Store are stealing people’s bank account details, and these apps were downloaded 300,000 times, according to researchers at ThreatFabric.
Researchers at ThreatFabric in a blog post explained that such applications only introduce the malware content through third-party sources after being downloaded from the Google Play store.
The malicious Android apps on the Google Play store spotted by the researchers included QR Scanner, QR Scanner 2021, PDF Document Scanner Free, PDF Document Scanner, Two Factor Authenticator, Protection Guard, QR CreatorScanner, Master Scanner Live, CryptoTracker, and Gym and Fitness Trainer.
Researchers say that these apps are part of four malware families — Anatsa, Alien, Hydra, Ermac— which are designed to steal users’ online banking passwords as well as two-factor authentication codes. The malware even captures what you type and takes screenshots of users’ phones.
Anatsa malware family as per the report, was downloaded over 100,000 times. It should be noted that such apps have positive reviews in the Google Play Store which would make them look more legitimate.
While Google has tried to tackle the problem by introducing several restrictions to seize the distribution of fraudulent apps. But, what makes these apps difficult to detect is that they have a very small malicious footprint, which goes undetected by Google Play Store.
“These applications entice users by offering additional content through such third-party updates. In some cases, the malware operators are said to have manually triggered malicious updates after tracking the geographical location of the infected devices,” the researchers added.
Earlier, in 2020, Joker trojan found its way to Google Play store, affecting users by subscribing them to paid subscriptions without their consent.
However, there are steps you can take to avoid unintentionally installing malware on your device. The most significant in this case, is to to download effective antivirus software, which can scan every new app that’s downloaded and monitor it for any suspicious activity.
These Android apps are stealing banking credentials of users: Report - The Indian Express
Read More
No comments:
Post a Comment