Unlike malicious apps that are dripping with malware making it harder to get listed in the Google Play Store (but not impossible, unfortunately), malware droppers look and act like your garden-variety apps. But when these apps notify users that an update is ready, what is really being installed is malware running in the background scooping up your banking information and other personal data….CONTINUE READ.ING HERE
In a new blog post, Amsterdam computer support company Threat Fabric warns Android users about a new banking Trojan designed to steal your login info, account number, and other financial information that might help the attackers steal your hard-earned cash. Like the Greek’s Trojan Horse, which from all appearances was a gift to the city of Troy only to be filled with Greek soldiers inside, Trojan malware ambushes users by looking like a legitimate app.
Fake Play Store listing asks you to update this malware dropper which actually installs a banking Trojan
Nonetheless, the report mentions that this new banking Trojan is called Sharkbot and one malware dropper purported to be an app to help users calculate their taxes in Italy. With over 10,000 installs, “Codice Fiscale” has an innocent-looking listing in the Play Store. If opened on a device, the app checks the country where the handset’s SIM is registered. If it didn’t match the code for Italy, no malicious behavior would take place.
If opened on a phone using a SIM registered in Italy, the app would open a fake Play Store page with a bogus listing for “Codice Fiscale.” This fake listing also revealed that an update was available for the app, something that all users would probably tap on. And while some browsers might warn the user about the update, the owner of the phone could feel comforted by the fact that the app was installed from the Google Play Store and go ahead with the update.
What was really being loaded on the phone was the aforementioned banking Trojan. And if you think that you’ve escaped having your personal info from your banking app stolen because you don’t live in Italy, you need to think again. Another dropper app, “File Manager Small, Lite,” targets banking apps used in other countries such as the U.S., U.K., Austria and Australia, Italy, Germany, Spain, and Poland.
Another banking Trojan, this one called Vultur, has been disseminated by three malware droppers also found in the Play Store: “Recover Audio, Images & Videos,” “Zetter Authentication” and “My Finances Tracker.” The first app listed has over 100,000 installs. Vultur keeps track of all taps and gestures made by an Android user on his/her phone. Similar to Sharkbot, this ploy uses a fake update to load the malware on a handset.
To combat these malware droppers, normally we’d suggest checking the comments section for red flags. However, attackers have been known to load up the comments section with fake reviews. And after the initial installation of one of these apps, you might see a fake Google Play Store listing with phony reviews in an attempt to get you to tap the update button. The victim himself is inadvertently causing the malware to load on his own phone.
ThreatFabric says that it always reports malware droppers in an attempt to have them removed from app stores. But just because an app is removed from an app store doesn’t mean it has been removed from your phone. So if you have one of these installed on your device, uninstall it immediately:
ThreatFabric adds, “Such way of distribution of Android banking Trojans is very dangerous as victims may stay unsuspecting for a long time and may not alert their bank about suspicious transactions made without them knowledge. Thus it is very important to take actions on the organization side to detect such malicious apps and their payloads as well as suspicious behavior happening on customer’s device….CONTINUE READ.ING HERE
Note: This article have been indexed to our site. We do not claim legitimacy, ownership or copyright of any of the content above. To see the article at original source Click Here
VISTOP Non-Slip Splash Pad for Kids and Dog, Thicken Sprinkler Pool Summer Outdoor Water Toys - Fun Backyard Fountain…
$39.95 (as of June 25, 2024 21:04 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Coquimbo Tire Inflator Portable Air Compressor - 150PSI Electric Air Pump for Car Tires Cordless Car Bike Motorcycle Accessories of Ball Balloon Dad Gifts for Fathers Day Men Women (Black)
$29.99 (as of June 25, 2024 21:05 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Focusrite Scarlett 2i2 Studio 4th Gen USB Audio Interface Bundle for the Songwriter with Condenser Microphone and Headphones for Recording, Streaming, and Podcasting
$99.99 (as of June 24, 2024 21:06 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
Apple AirPods (3rd Generation) Wireless Ear Buds, Bluetooth Headphones, Personalized Spatial Audio, Sweat and Water Resistant, Lightning Charging Case Included, Up to 30 Hours of Battery Life
$148.29 (as of June 25, 2024 21:05 GMT +00:00 - More infoProduct prices and availability are accurate as of the date/time indicated and are subject to change. Any price and availability information displayed on [relevant Amazon Site(s), as applicable] at the time of purchase will apply to the purchase of this product.)
