In our past articles on online security, we’ve warned you against downloading software from unauthorized sources. But, it turns out that even the app stores cannot be 100% safe nowadays. The Bankbot malware hit the Google Play Store once again.
It started spreading from Turkey at the beginning of this year, but now the USA and UK are also under attack.
The malicious Trojan, the Android.BankBot.149.origin, belongs to the family of viruses which copy the authentic bank payment screen (hence, it’s nickname). Since its first appearance in 2008, expert had declared it dead; however, they were mistaken. The BankBot has made a comeback.
Unfortunately, malware that steals bank account details will always be around. And obviously, the apps stores and online services will probably always be their hunting grounds.
The Android.BankBot.149.origin is extremely malicious. It stays on your Android device even if you’ve deleted the infected app (and if you have antivirus installed, you’ll be informed about the infected file immediately). On installation of the infected application, the trojan asks for administrator privileges. Once those are granted, it deletes the icon and starts monitoring any keyboard activity as well as the text windows content: SMS, chats, whatever. Then the bot imitates the payment screen when you buy something from the game or shop on-line. The same goes for internet banking login screens, PayPal, and others. Unfortunately, there’s no way to check to see if the screen is genuine on your end. And by thinking that your data’s safe, you actually end up hand delivering your credit card number, CVC and password to the culprits.
The malware doesn’t slow the device down. It almost always sleeps, only springing up to life when a payable application is brought up. The list of the applications monitored includes:
Bankbot has the ability to turn off vibration and sound for you to remain ignorant about the incoming SMS, and can delete the text to replace it with the bogus one. Moreover, the malware is very cautious and scans the system for the antivirus software from the list below.
Then, it tries to fake the info the security software sends to its server. Still, the experts of the leading antivirus companies have spotted the malware behavior and have come up with a solution.
And again, Google leaves us wondering what the heck is going on with their own security.
Perhaps, they should tweak their entry regulations or something, since allowing this to be downloaded is unacceptable. Look at the Apple Store! Cracking down on the smallest break of the rules can actually pay off!
Thousands of Scams on WhatsApp: They Impersonate the Voices of Your Parents and Best Friends,…
Credential Stuffing: Increasingly Devastating in France This formidable technique explains the surge in cyberattacks in…
Mysterious Case: Users Report Hearing Strange Voices on Their iPhones Affected phones may have privacy…
Xiaomi Announced Poco C75 Mid-range Smartphone The Poco C75 is a newly announced mid-range smartphone…
Meta Conducts Tests to Implement Facial Recognition Technology Meta, the company behind social media platforms…
The 5 Best Apple Intelligence Features You Can Try in iOS 18.1: Experience Apple Intelligence…