Banking malware that impersonates Google Play app targets Android users

Bankbot has evolved during the past year, developing new ways to dupe users

Bankbot has evolved during the past year, developing new ways to dupe users

Bankbot has evolved during the past year, developing new ways to dupe users

Banking Trojan Bankbot has made its way into the Google Play Store again, just months after its first removal in April.

Initially discovered in early 2017, the malware created fake overlay screens that looked like the login pages of popular banking apps. Once you entered your username and password, the data was passed onto cybercriminals.

But the newest Bankbot is even smarter than previous versions - waiting 20 minutes after its download before installing itself - a trait that may have helped it bypass Google's Play Protect.

"The banking Trojan has been evolving throughout the year, resurfacing in different versions both on and outside Google Play," said Slovakia-based IT security firm ESET earlier this week. "The variant we discovered on Google Play on September 4 is the first one to successfully combine the recent steps of BankBot’s evolution."

Once the APK (Android application package) installs itself and obtains administrator privileges, the malware steals a person's payment card data by creating a fake overlay for the Play Store app, which comes installed on every Android device.

The next time a victim opens the Play Store, a fake screen that asks for his credit card number appears. Once he enters it, the info is sent directly to hackers.

Bankbot was found hidden inside Jewels Star Classic, a game that entered the Google Play Store on Aug. 26 and was updated on September 4. At the time of its removal three days later, it had been downloaded by at least 5,000 users. 

Here's how to protect yourself from Android malware:

1. Don't open files that you don't recognize.
2. Don't install apps from third-party sources.
3. Install updates as soon as they become available.
4. Use anti-virus software on all Android-based devices.

Learn how to remove malware from Android devices here.

As of last spring, an estimated 1.3 to 1.4 billion people owned Android phones, which are easier to infiltrate than iOS-based devices. The Google-developed operating system is "more open and adaptable" - a growing problem for developers and users.

In 2016, SophosLabs processed more than 8.5 million suspicious Android applications, and more than 50 percent were a form of malicious software or adware.

Comments

Post a Comment

Popular posts from this blog

How to use iCloud for backups on your iPhone, iPad, or Mac

Image
Anyone immersed in the Apple ecosystem can readily access iCloud for no extra charge, but many don't know how to make the most of it. iCloud is not an application, but rather an application suite, one that's directly baked into the framework of nearly all Apple products. It's designed to be a repository of your digital life, a place to store and backup your photos, personal files, and application data so you never lose anything. Despite its slick design and simple execution however, setting it up for the first time can be a pain. So here it is, our guide on how to use iCloud. Setting up & signing into iCloud Signing up with iCloud is completely free and simple to do with an Apple ID. Each free account automatically grants you access to 5GB of remote storage — available for backups, mail, app data, documents, and other components stored in the cloud — with 50GB, 200GB, and 2TB storage offerings available at an  additional cost . If your devices are recent, you s
Read more

Millions of Instagram accounts hacked by Hackers

Image
Instagram accounts hacked by Hackers Instagram accounts users has to be more careful due to the recent alerts from the Instagram since some hours back. They are updating both verified and unverified Instagram account users about their safety from the hackers. After iCloud’s attack, this Instagram account hacking is the most second greatest attacks from hackers on the web. Millions of Instagram accounts are already hijacked including great celebrities’. The worst part of it is that, these hackers are now trading with the Instagram accounts users’ contacts and emails. Those keywords are: insurance, wGu edu , Colarado State university, Jyoti Sharma, Health care, Mesothelioma Law Firm, Donate Car to Charity California, Donate Car for Tax Credit, Donate Cars in MA, Donate Your Car Sacramento, How to Donate A Car in California, Sell Annuity Payment, Donate Your Car for Kids, Asbestos Lawyers, Structures Annuity Settlement, Car Insurance Quotes Colorado, Annuity Settlements.
Read more

Everything You Wanted to Know About Wireless Charging

Image
Image: Apple Years after it first appeared, wireless charging has finally arrived on the iPhone—but what is this magical charging method that’s been on other big phones for a couple of years now? And is it really all that superior to just plugging your phone into the wall every night? Here’s what you need to know about wireless charging, and the kit you need to make it work. How wireless charging works Image: PowerbyProxi The key to wireless (or inductive) charging are electromagnetic fields, used to transfer energy from one place (a charging mat) to another (your phone) through the magic of  electromagnetic induction . Essentially you’ve got two physical coils, one which converts energy into an electromagnetic field that can travel wirelessly, and one which converts that floating field back into energy again—the two coils form a  transformer . That’s why the wireless charging cat was out of the bag as soon as a coil was spotted in  leaked schematics  for the  iPhone 8 . If
Read more