Skip to main content

Google Play Store Flooding with Spyware, Banking Trojan, Adware Via Games, and Utility Apps

Google Play Store Flooding with Spyware, Banking Trojan, Adware Via Games, and Utility Apps

Google Play Store continues to be the source of malicious apps. Researchers found several Spyware, Banking Trojan, Adware, and other threats in these malicious apps. These malicious apps are designed to spy on users, show unwanted ads and also perform malicious activities on the user's devices.

These apps are disguised as legitimate apps such as game apps, photo editors, family locator, memory boosters, crypto exchange, security and camera apps.

Researchers found a new Banking Trojan named Android.Banker.352.origin distributed through a fake version of the official YoBit crypto application.

Once the application launched, it open's up a fake authentication window and asks users to enter login credentials, if the login credentials are entered then the app sends the login credentials to the attacker server and shows the error message like service unavailable. So, this way Banking Trojan steals the user's login credentials.

Google Play Store Flooding with Spyware, Banking Trojan, Adware Via Games, and Utility Apps

The Banking Trojan also capable of hiding auth codes from text messages, block notification in the infected device. It is also able to steal two-factor authentication (2FA) codes from text messages and emails sent to the infected device. So, this way attackers compromise cryptocurrency wallets owned by victims.

Another Banking Trojan, named Android.Banker.347.origin found on Google Play Store which is a modified version of Android.BankBot.495.origin & Android.Banker.346.origin Trojans. This Trojan was embedded within an app called Encontre Mais, that used to locate family and friends.

This Banking Trojan specifically targets Brazilian customers associated with financial organizations. It steals sensitive data from the Android device and capable of pushing phishing pages based on the command from the attacker.

Researchers found new versions of Spyware, named Program.Panspy.1.origin, Program.RealtimeSpy.1.origin & Program.MonitorMinor on Google Play Store. These are capable of stealing various sensitive information such as phone calls, text messages, online activity, location of devices, and send these data to the attacker's server.

Researchers also found Adware, named Android.HiddenAds on Google Play Store. It displays advertising banners, and may also attempt to download and install APK files.

Trojan downloaders, named Android.DownLoader.920.origin & Android.DownLoader.921.origin also found on Goole Play Store. They were spread through Android Gaming applications and on execution attempts of these apps downloads additional Trojans on devices.

The modified version of Android.Joker Malware, named Android.Click.781 & Android.Click.325.origin use to subscribe for premium services without user knowledge and transfer the contact data from the victim's contact list to the attacker's server.

A legitimate app store like Google Play repeatedly harbors malicious apps and it is a cause of concern. Android smartphone users are often advised not to download apps from third-party sources to avoid Malware. Unfortunately, it seems sticking to the Google Play Store isn't always safe either. Besides installing apps from trusted developers, users can also stay safe by checking the reviews of other users. In many cases, information from other users may help to take the right decision.

I hope you find useful information in this article. If you have any questions then please mention in the comments section and I will get back to you and stay tuned with my blog to learn interesting things related to cybersecurity and hacking. 

Comments

Popular posts from this blog

How To Check If a Link Is Safe To Click

Many times, we share links among our friends on social media platforms like WhatsApp, Facebook, Instagram or Twitter. But do we know how safe they are? What can happen if you click on any malicious link? We never think of the following things : Links can drop various harmful programs, viruses on your device Links can steal your personal data by dropping spyware or keyloggers Use your browser for crypto mining which will affect your device's performance Even if your device is secured with antivirus, not all of them warn you before clicking such malicious links . And the moment you click on these, they will become big trouble for you. This can sometimes even be dangerous with regard to data security and identity theft. So, Be careful about what you click on. These days one of the quickest growing security issues is ransomware , which is often spread by the user unintentionally clicking dangerous links in emails, social media platforms, messengers, and other tool

How To Enable WhatsApp Fingerprint Lock Feature on Android

WhatsApp has officially rolled out the fingerprint lock feature for all the Android users. Most of you may already have been doing it for the last few years with the help of third-party app lockers for adding more security. Keeping that in mind and to make the process quicker and safer at the same time, WhatsApp has now launched this new fingerprint lock feature so that you can open the app by your fingerprint. It means that regardless of whether the phone is opened, others won't have the option to gain access to the messages without your fingerprint. So, you can now secure your WhatsApp conversations with an extra layer of biometric security . With this step, WhatsApp is finally offering biometric authentication to the Android app, while iPhone users enjoying both the Touch ID that is the fingerprint recognition and Face ID that is the facial recognition since the month of February 2019. WhatsApp is also giving more options with the new fingerprint lock featur

TikTok Secretly Sent Users Private Data & PII Number to Chinese Server Including Draft Videos

The popular Android and iOS short-videos creating app, TikTok hit with a lawsuit claims that the app illegally and secretly transfers app's users' private sensitive data and Personally Identifiable Information (PII) to Chinese servers. TikTok which is a 15-second short-video creating app especially popular among the younger generation and also downloaded over 1.3 Billion times worldwide . TikTok remains top in the most downloaded app list for months on the Apple App Store and Google Play Store.  According to the lawsuit, Tiktok shared the user's created videos which include private acts and closeups of user's faces (biometric data) before the videos are saved on the app. TikTok provides many options includes the next button, close button, and button for effects to its users while recording the video. Here, the next button takes users to the screen that shows these two options : "post" and "save".  After clicking on the "next" button, Tik