Despite Google’s privacy and security initiatives, they constantly demonstrate that fraudsters continue to find means of evading the tech giant’s attention and infecting Android devices.
A recent Trendmicro study issues a warning about a number of apps that have banking malware and can empty your checking account. Be cautious.
Infected by DawDropper
This time, the security report emphasizes the DawDropper malware specifically because it seeks to steal data from the financial apps on your phone. PIN numbers, banking information, passwords, and other details were obtained. This malware can even steal money from your bank account because it has the ability to take complete control of the infected device and intercept communicated messages.
DawDropper spreads through malicious apps created by malware writers who can get beyond Google Play Store security measures by downloading code from GitHub or through a third-party cloud service. Then, it installs banking Trojans on infected devices. There are four different banking Trojans that are produced by DawDropper variations, including Octo, Hydra, Ermac, and TeaBot.
The following are just a few of the numerous bad things that malware can do:
- Track and observe user activity on their phone.
- Stealing a resume (including PIN codes, banking credentials, passwords to their banking applications).
- Obtain complete access to the user’s phone calls, contact information, and SMS services.
- Run background scripts to obtain financial application login information.
- Change the lock screen, wallpapers, and browser settings on the device.
- Perform oddities on your device, such starting unauthorized third-party applications or forcing a reboot without your permission.
Malicious Android applications
The following are the malicious apps that use malware that have been discovered in the Google Play Store. Trendmicro has also supplied an image of the most recent icons they had in the official Android shop to assist differentiate those with names that are a little more generic.
Virused by DawDropper applications
- Call Recorder
- Rooster VPN
- Super Cleaner – hyper & smart
- Document Scanner – PDF Creator
- Universal Saver Pro
- Eagle photo editor
- Call recorder pro+
- Extra Cleaner
- Crypto Utils
- Just In: Video Motion
- Lucky Cleaner
- Simpli Cleaner
- Unicc QR Scanner
Due to the distribution of the Coper banking Trojan, the last item on the list, Unicc QR Scanner, was previously also categorized as a harmful application. Additionally, it has the capability of deploying the Octo malware, a banking Trojan that may log and control compromised devices, steal credentials, and utilize your device in fraudulent ways.
It appears to be disguising itself as productivity and utility apps, including call recorders, document and QR code scanners, and VPN services. Users must delete the discovered apps if they are still present on their devices because they are no longer offered in the Play Store. If you discover a malicious app on your device, you can get rid of it by going to the settings on your Android phone, where you can stop and/or uninstall it.