Google has been making efforts in keeping the Play Store safe from malicious apps, but despite all that, malware authors always come up with a way to sneak these apps into the Play Store.
These apps masquerade as horoscope apps, device boosters, battery doctor, utility apps etc. All the apps have one thing in common which is its malicious purpose. Some of the apps are made to steal users bank login details or credit card details, while others send junk traffic or use the infected to join a botnet. The list of harm that can be done to an infected Android device is just endless.
However, it seems these malicious apps have employed other tricky method to get their way on their victims device.
According to security researchers at ESET, some malicious apps now use evasive method to avoid detection. Some of the apps pretend to delete themselves by displaying fake error messages when launched, but still continue to run malicious activity in the background.
The security site explained that "these apps belong to the category of sophisticated mobile banking malware with complex functionality and heavy focus on stealth."
"Once launched," the ESET blog reads. "The apps either display an error claiming they have been removed due to incompatibility with the victims's device and then proceed to hide themselves from the victim's views, or deliver the promised functionality - such as displaying horoscopes."
The cybersecurity experts found about 29 of these sneaky Trojan apps which belonged to the Red Alert 2 family.
The blog explained that the Trojans can be remotely controlled, and as well, are "capable of dynamically targeting any apps found on the victim's device with tailor-made phishing forms. Aside from this, they can intercept and redirect text messages to bypass SMS-based two-factor-authentication, intercept call logs, and download and install other apps on the compromised device."
Though these malicious apps were uploaded under different developer names and guises, the similarities in the codes and a shared C&C server suggests the apps are the work of a single attacker or group.
Google has removed the malicious apps from the Play Store after ESET notified it, however, the apps had already recorded almost 30,000 downloads.
Click here to view the list of the apps that were flagged by the cybersecurity company. Kindly go through to see if by chance you installed any of them. If you do, make no hesitation in uninstalling the app(s).
0 comments:
Post a Comment