Banking malware that impersonates Google Play app targets Android users

Bankbot has evolved during the past year, developing new ways to dupe users

Bankbot has evolved during the past year, developing new ways to dupe users

Bankbot has evolved during the past year, developing new ways to dupe users

Banking Trojan Bankbot has made its way into the Google Play Store again, just months after its first removal in April.

Initially discovered in early 2017, the malware created fake overlay screens that looked like the login pages of popular banking apps. Once you entered your username and password, the data was passed onto cybercriminals.

But the newest Bankbot is even smarter than previous versions - waiting 20 minutes after its download before installing itself - a trait that may have helped it bypass Google's Play Protect.

"The banking Trojan has been evolving throughout the year, resurfacing in different versions both on and outside Google Play," said Slovakia-based IT security firm ESET earlier this week. "The variant we discovered on Google Play on September 4 is the first one to successfully combine the recent steps of BankBot’s evolution."

Once the APK (Android application package) installs itself and obtains administrator privileges, the malware steals a person's payment card data by creating a fake overlay for the Play Store app, which comes installed on every Android device.

The next time a victim opens the Play Store, a fake screen that asks for his credit card number appears. Once he enters it, the info is sent directly to hackers.

Bankbot was found hidden inside Jewels Star Classic, a game that entered the Google Play Store on Aug. 26 and was updated on September 4. At the time of its removal three days later, it had been downloaded by at least 5,000 users. 

Here's how to protect yourself from Android malware:

1. Don't open files that you don't recognize.
2. Don't install apps from third-party sources.
3. Install updates as soon as they become available.
4. Use anti-virus software on all Android-based devices.

Learn how to remove malware from Android devices here.

As of last spring, an estimated 1.3 to 1.4 billion people owned Android phones, which are easier to infiltrate than iOS-based devices. The Google-developed operating system is "more open and adaptable" - a growing problem for developers and users.

In 2016, SophosLabs processed more than 8.5 million suspicious Android applications, and more than 50 percent were a form of malicious software or adware.


Popular posts from this blog

Millions of Instagram accounts hacked by Hackers

cloud storage COMPUTERThe Advantages Of Cloud Server Over Dedicated Server

Everything You Wanted to Know About Wireless Charging