A total of 12 malicious Android apps on the Google Play Store steal people’s bank account details, and these apps have been downloaded 300,000 times, according to researchers at ThreatFabric.
In a blog post, cyber security experts pointed out that such apps only deliver malware content through third-party sources after downloading them from the Google Play Store.
Malicious Android apps identified on Google Play Store by researchers QR ScannerAnd QR Scanner 2021And Free PDF Document ScannerAnd PDF Document ScannerAnd Two factor authenticationAnd protection guardAnd QR CreatorScannerAnd Master Scanner LiveAnd CryptoTracker NS Fitness and gym coach.
Researchers say these apps are part of four families of malware – Anatsa, Alien, Hydra and Ermac – designed to steal users’ bank passwords as well as two-factor authentication codes. The malware still captures what you type and takes screenshots of users’ phones.
The Anatsa malware family, according to the report, has been downloaded more than 100,000 times. It should be noted that such apps get positive reviews in the Google Play Store, which makes them look more legitimate.
Google tried to solve the problem by introducing several restrictions to stop the distribution of fraudulent applications. But what makes these apps difficult to detect is that they have a very small malicious footprint, which is not detected by the Google Play Store.
“These applications attract users by offering additional content through third-party updates. In some cases, malware operators are said to have manually triggered malicious updates after tracking the geolocation of infected devices,” the researchers added.
Previously, in 2020, the Joker Trojan found its way into the Google Play Store, affecting users by enrolling them in paid subscriptions without their consent.
However, there are steps you can take to prevent the accidental installation of malware on your device. The most important thing in this case is to download an effective antivirus that can scan and monitor every new downloaded application for any suspicious activity.
