In our past articles on online security, we’ve warned you against downloading software from unauthorized sources. But, it turns out that even the app stores cannot be 100% safe nowadays. The Bankbot malware hit the Google Play Store once again.
It started spreading from Turkey at the beginning of this year, but now the USA and UK are also under attack.
The malicious Trojan, the Android.BankBot.149.origin, belongs to the family of viruses which copy the authentic bank payment screen (hence, it’s nickname). Since its first appearance in 2008, expert had declared it dead; however, they were mistaken. The BankBot has made a comeback.
Unfortunately, malware that steals bank account details will always be around. And obviously, the apps stores and online services will probably always be their hunting grounds.
The Android.BankBot.149.origin is extremely malicious. It stays on your Android device even if you’ve deleted the infected app (and if you have antivirus installed, you’ll be informed about the infected file immediately). On installation of the infected application, the trojan asks for administrator privileges. Once those are granted, it deletes the icon and starts monitoring any keyboard activity as well as the text windows content: SMS, chats, whatever. Then the bot imitates the payment screen when you buy something from the game or shop on-line. The same goes for internet banking login screens, PayPal, and others. Unfortunately, there’s no way to check to see if the screen is genuine on your end. And by thinking that your data’s safe, you actually end up hand delivering your credit card number, CVC and password to the culprits.
The malware doesn’t slow the device down. It almost always sleeps, only springing up to life when a payable application is brought up. The list of the applications monitored includes:
Bankbot has the ability to turn off vibration and sound for you to remain ignorant about the incoming SMS, and can delete the text to replace it with the bogus one. Moreover, the malware is very cautious and scans the system for the antivirus software from the list below.
Then, it tries to fake the info the security software sends to its server. Still, the experts of the leading antivirus companies have spotted the malware behavior and have come up with a solution.
And again, Google leaves us wondering what the heck is going on with their own security.
Perhaps, they should tweak their entry regulations or something, since allowing this to be downloaded is unacceptable. Look at the Apple Store! Cracking down on the smallest break of the rules can actually pay off!
New AirPods features introduced with iOS 26 Here's a detailed look at the new AirPods…
WatchOS 26 marks a major leap for the Apple Watch, integrating AI-powered features that make…
How to Make a Photo with Your Favorite Artist or Superhero Using Gemini AI Google's…
Apple September 2025 Keynote Highlights: iPhone 17, iPhone Air, AirPods Pro 3 & More Revealed…
EU Hits Google with Record €2.95 Billion Fine Over Ad Tech Abuses Why Europe is…
To cancel or prevent future updates on an Android phone, use built-in device settings to…