Android banking trojan: These malware-spreading apps were posing as utility tools to steal user data – Times of India
A new set of dangerous Android apps were successful in bypassing Google’s security to make their way into the Play Store. Experts have warned that these malware-laden apps were masquerading as utility applications and were able to manage over ten thousand total downloads before it was removed by the tech giant. According to a report by Bleeping Computer, cybersecurity researchers at Bitdefender were able to discover four such apps which are — “FileVoyager”, “X-File Manager”, “LiteCleaner M” and “PhoneAID, Cleaner, Booster 2.6”.
Why these apps were dangerous
As per the report, these apps were distributing a banking trojan malware named Sharkbot and were able to manage at least 16,000 cumulative downloads. These apps were able to disguise themselves as phone cleaning and file management apps. The researchers even suggested that by impersonating utility apps, attackers hoped that users won’t get suspicious when these apps would ask for various permissions.
Why these apps were dangerous
As per the report, these apps were distributing a banking trojan malware named Sharkbot and were able to manage at least 16,000 cumulative downloads. These apps were able to disguise themselves as phone cleaning and file management apps. The researchers even suggested that by impersonating utility apps, attackers hoped that users won’t get suspicious when these apps would ask for various permissions.
How does Sharkbot work
The report mentions that Sharkbot needs several permissions to control other apps and steal sensitive banking data. This malware takes control of legitimate banking apps and the trojan can steal login data whenever users sign into the app.
How these apps managed to bypass Google’s security
These apps were able to bypass Google’s security checks as they didn’t deliver the malware payload upon installation, the report notes. The trojan was later deployed when the attackers triggered an update for these apps.
Regions targetted by the malware
The report claims that most of the victims were people residing in the UK and Italy. However, the researchers also observed that the attackers were also targeting the bank accounts of users in Iran and Germany as well.
How to stay safe from these apps
Google has already removed these apps from the Play Store. However, some users still might have the apps downloaded on their devices which can be risky. Users who had these apps installed need to delete these apps and change their banking account passwords to mitigate any threat of cybercriminal activities posed by the apps.
You can install an Android antivirus app and keep the Play Protect service enabled to protect against such attacks.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
