Fake banking apps have gone unnoticed for four months
Trade security mechanism Google Play it often comes in contact with various malicious applications and does not always succeed. The latest case is according to the portal AndroidCommunity concerns fake banking applications that have been in business for four months since August this year.
Malicious applications requested update from unknown sources
We are talking about a group of four banking applications called – Anatsa, Alien, Hydra and Ermac. All four contained a Trojan horse and still managed to bypass automatic malware detection in the Google Play store. Users had no idea that the applications they downloaded from Google Play compromised their sensitive information.
The security breach was only discovered by experts from the company ThreatFabric. The malware has been tactically placed in common applications such as PFD scanners, OR code scanners, cryptocurrency applications or authentication applications. However, not everyone who downloaded the application was directly threatened. The attackers focused only on selected regions and directly tracked their victims.
The app itself downloaded from the Google Play store didn’t have to be dangerous automatically. Only after it was downloaded did the victims receive a notification to update the app, but this was to take place outside the Google Play store. If a user ignored a warning that downloading content from a source outside of the Google Play store could be dangerous, they put themselves at risk.
The updated application then requested additional permissions that allowed attackers to take control of the device remotely. Hackers thus relied on user inattention. Therefore, it is always necessary to pay attention to what permissions the application requires and not to install it or its updates from unknown sources.
Our tip
We know the second winner! The Advent Calendar continues until Christmas COMPETITION