If you use an Android phone, then you need to be more careful when downloading any apps. Researchers found that more than 300,000 users downloaded what turned out to be banking trojan malware after it managed to bypass the security of Google Play Store.
Several commonly downloaded apps are fronts for four different forms of malware, one of which is which can capture users' bank account and password details and send the information to hacker.
see more
Alert: THIS poisonous plant landed a young man in the hospital
Google develops AI tool to help journalists in…
ThreatFabric researchers found that common applications such as QR code readers document scanners, fitness trackers and cryptocurrency trading platforms are not always genuine.
Hackers managed to make harmful versions of these apps that look just as benign as the genuine ones. And, so that users don't suspect anything, these apps advertise what they do in the most attractive way possible. Convinced by these advertisements, users fall prey to hackers after downloading these apps.
Some of these apps are:
- Two Factor Authenticator
- Protection Guard
- QR CreatorScanner
- master scanner live
- QR Scanner 2021
- PDF Document Scanner – Scan to PDF
- PDF Document Scanner
- QR Scanner
- CryptoTracker
- Gym and Fitness Trainer
Hackers are using four different forms of malware to steal users' personal information, according to researchers. Each piece of malware remains inactive unless the application containing it is installed within the application.
Right after installation is complete, the first thing the malware does is bypass Google Play Store security detections. This ensures that both the app and the malware will carry out their tasks without scanning the phone.
The most common malware of the four is called Anatsa, which researchers say has been downloaded by more than 200,000 Android users. It is dubbed an “advanced” banking trojan because it can steal usernames and passwords for a user's internet banking services.
In addition to doing this, Anatsa can also enable accessibility logging on the phone, so that everything that is happening on the phone screen is captured. The hackers also installed a keylogger on the Trojan horse to record all information the user types into the phone, such as passwords.