In our past articles on online security, we’ve warned you against downloading software from unauthorized sources. But, it turns out that even the app stores cannot be 100% safe nowadays. The Bankbot malware hit the Google Play Store once again.
It started spreading from Turkey at the beginning of this year, but now the USA and UK are also under attack.
The malicious Trojan, the Android.BankBot.149.origin, belongs to the family of viruses which copy the authentic bank payment screen (hence, it’s nickname). Since its first appearance in 2008, expert had declared it dead; however, they were mistaken. The BankBot has made a comeback.
Unfortunately, malware that steals bank account details will always be around. And obviously, the apps stores and online services will probably always be their hunting grounds.
The Android.BankBot.149.origin is extremely malicious. It stays on your Android device even if you’ve deleted the infected app (and if you have antivirus installed, you’ll be informed about the infected file immediately). On installation of the infected application, the trojan asks for administrator privileges. Once those are granted, it deletes the icon and starts monitoring any keyboard activity as well as the text windows content: SMS, chats, whatever. Then the bot imitates the payment screen when you buy something from the game or shop on-line. The same goes for internet banking login screens, PayPal, and others. Unfortunately, there’s no way to check to see if the screen is genuine on your end. And by thinking that your data’s safe, you actually end up hand delivering your credit card number, CVC and password to the culprits.
The malware doesn’t slow the device down. It almost always sleeps, only springing up to life when a payable application is brought up. The list of the applications monitored includes:
Bankbot has the ability to turn off vibration and sound for you to remain ignorant about the incoming SMS, and can delete the text to replace it with the bogus one. Moreover, the malware is very cautious and scans the system for the antivirus software from the list below.
Then, it tries to fake the info the security software sends to its server. Still, the experts of the leading antivirus companies have spotted the malware behavior and have come up with a solution.
And again, Google leaves us wondering what the heck is going on with their own security.
Perhaps, they should tweak their entry regulations or something, since allowing this to be downloaded is unacceptable. Look at the Apple Store! Cracking down on the smallest break of the rules can actually pay off!
Meta Conducts Tests to Implement Facial Recognition Technology Meta, the company behind social media platforms…
The 5 Best Apple Intelligence Features You Can Try in iOS 18.1: Experience Apple Intelligence…
Tesla to Make a Major Presentation on October 10: Are Robotaxis Finally Here? Tesla has…
Tired of Your iPhone Battery Dying Quickly? Here Are 8 Tips to Extend Battery Life…
Apple Ordered to Pay 13 Billion Euros by the EU: Behind a Historic Decision This…
A Few Words About the New Huawei Mate XT Smartphone Huawei has released a new…