Android users should check their phones immediately to ensure they don’t have any of these malware-packed apps installed on their devices. The latest attack, discovered by the team at Bitdefender, shows hackers are relying on new methods to try and gain access to devices and all the highly personal data we store on them. Those targeted by these malicious apps could see private text messages and even bank account details sent straight to criminals without ever noticing an attack has taken place. With Google’s Play Store now far more secure it’s getting harder for cyber thieves to sneak malicious software onto this hugely popular marketplace.
So, instead, they are creating fake applications outside of Google’s official digital Play Store, tempting users by promising anti-virus software, access to free TV services, and more.
Unlike Apple’s iOS, Google does allow Android smartphone and tablet owners to approve downloads from outside its own app store. While this enables users greater control over their own gadgets – it does also open-up the devices to risks.
“Criminals welcome the opportunity to spread malware directly from app stores, but that isn’t easy,” Bitedender explained. “Instead, they go for the next available method – imitating top-rated apps in the hopes of tricking at least some users into downloading and installing their malicious versions.”
Once duped into installing them, users are then targeted by a new type of virus called Teabot which has the ability to live stream everything on the screen straight back to the cyber crooks.
That means personal texts to partners, checking your mobile banking app and of course, card details when online shopping can all be viewed and stolen. Bitdefender says it has identified a strange distribution method for the new attack with crooks using a fake Ad Blocker that acts as a dropper for the malware.
Once the apps are then downloaded and installed they look like official services and it’s unlikely a user would spot anything is wrong until it’s too late.
The apps to watch out for include:
• Uplift: Health and Wellness App
• Kaspersky: Free Antivirus
• VLC MediaPlayer
Official versions of these apps, which are not affected by the malware, have been downloaded over 50 million times and it seems hackers are using their huge popularity in an attempt to go unnoticed. Bitdefender says the campaign to distribute these apps in the wild remains active and is of serious concern.
“TeaBot is the newest banker trojan families,” said Bitedender. “According to an early analysis report, the malware can carry out overlay attacks via Android Accessibility Services, intercept messages, perform various keylogging activities, steal Google Authentication codes, and even take full remote control of Android devices.”
If you think you have one of the fake apps listed above on your phone then you should delete them immediately.
Bitdefender has also issued advice on how to avoid the threat in the first place with the security experts saying, “The best way to avoid infection is never to install apps outside the official store. Also, never tap on links in messages and always be mindful of your Android apps permissions.”
Published at Tue, 01 Jun 2021 16:21:00 +0000