Google News & History

BankBot Malware Hits Google Store Once More

BankBot Malware Hits Google Store Once More

In our past articles on online security, we’ve warned you against downloading software from unauthorized sources. But, it turns out that even the app stores cannot be 100% safe nowadays. The Bankbot malware hit the Google Play Store once again.

It started spreading from Turkey at the beginning of this year, but now the USA and UK are also under attack.

The malicious Trojan, the Android.BankBot.149.origin, belongs to the family of viruses which copy the authentic bank payment screen (hence, it’s nickname). Since its first appearance in 2008, expert had declared it dead; however, they were mistaken. The BankBot has made a comeback.

Unfortunately, malware that steals bank account details will always be around. And obviously, the apps stores and online services will probably always be their hunting grounds.

The Android.BankBot.149.origin is extremely malicious. It stays on your Android device even if you’ve deleted the infected app (and if you have antivirus installed, you’ll be informed about the infected file immediately). On installation of the infected application, the trojan asks for administrator privileges. Once those are granted, it deletes the icon and starts monitoring any keyboard activity as well as the text windows content: SMS, chats, whatever. Then the bot imitates the payment screen when you buy something from the game or shop on-line. The same goes for internet banking login screens, PayPal, and others. Unfortunately, there’s no way to check to see if the screen is genuine on your end. And by thinking that your data’s safe, you actually end up hand delivering your credit card number, CVC and password to the culprits.

List of the Apps Monitored

The malware doesn’t slow the device down. It almost always sleeps, only springing up to life when a payable application is brought up. The list of the applications monitored includes:

  • WhatsApp
  • Play Store
  • Messenger
  • Facebook
  • WeChat
  • Youtube
  • Uber
  • Viber
  • Snapchat
  • Instagram
  • Imo
  • Twitter

Malware Scanning the System

Bankbot has the ability to turn off vibration and sound for you to remain ignorant about the incoming SMS, and can delete the text to replace it with the bogus one. Moreover, the malware is very cautious and scans the system for the antivirus software from the list below.

  • Anti-virus Dr.Web Light
  • CM Security AppLock AntiVirus
  • Kaspersky Antivirus & Security
  • ESET Mobile Security & Antivirus
  • Avast Mobile Security & Antivirus
  • Clean Master (Boost&Antivirus)
  • 360 Security – Antivirus
  • AVG AntiVirus FREE for Android
  • Antivirus Free – Virus Cleaner
  • Super Cleaner – Antivirus
  • AndroHelm AntiVirus Android 2017
  • TrustGo Antivirus & Mobile Security
  • Sophos Free Antivirus and Security

Then, it tries to fake the info the security software sends to its server. Still, the experts of the leading antivirus companies have spotted the malware behavior and have come up with a solution.

How to get rid of Android.BankBot.149.origin

  1. Check if you have an antivirus aboard.
  2. Go to the antivirus official site and check if there are any updates concerning the malware in question. If you haven’t got any antivirus at all – install it! (It’s a good time to start using protection anyway).
  3. Run the full scan of your system and follow the recommendations.
  4. Repeat every two or three days.
  5. Or, turn the pro-active protection on; if your antivirus features it.

And again, Google leaves us wondering what the heck is going on with their own security.

Perhaps, they should tweak their entry regulations or something, since allowing this to be downloaded is unacceptable. Look at the Apple Store! Cracking down on the smallest break of the rules can actually pay off!

 

Share
Published by
Steve

Recent Posts

WhatsApp Brings Changes for May 2025: 8 New Features

WhatsApp brings changes for May 2025: discover the eight new features WhatsApp is constantly working…

6 days ago

Google Predicts AGI Could Surpass Humans by 2030

Google Predicts AGI Could Surpass Humans by 2030: Why and What Dangers Lie Ahead Google…

2 weeks ago

Artemis, the Robot That Plays Soccer Like Lionel Messi

Meet ARTEMIS, the robot that plays soccer like Lionel Messi: a global humanoid promise ARTEMIS…

3 weeks ago

Traffic to U.S. e-commerce Sites From AI Chatbots Increased

Traffic to U.S. e-commerce sites from AI chatbots increased by 1,200%. With the arrival and…

4 weeks ago

Never Charge Your Phone in These Specific Places

Warning: Never Charge Your Phone in These Specific Places If you charge your phone anywhere,…

1 month ago

Oppo Find N5: The Foldable That Promises to be Revolutionary

Oppo Find N5: The Foldable Smartphone That Promises to be Revolutionary The Oppo Find N5…

1 month ago