Android apps that steal bank details downloaded 300,000 times in just 4 months

  • A total of 12 apps containing Android banking Trojans were discovered in the Google Play Store.
  • These apps are capable of stealing banking information and erasing the victim’s bank account.
  • The applications were distributed within four months and downloaded 300,000 times.

Google has improved the security of the Play Store, but there are still apps with malware that manage to sneak inside. Researchers have now discovered a total of 12 apps in the Play Store that have been used to steal people’s bank details, and these apps have been downloaded 300,000 times.

These apps masqueraded as QR code scanners, PDF scanners and even cryptocurrency wallets, according to researchers at ThreatFabric. The applications belonged to four Android malware versions, and were designed to steal people’s online banking passwords as well as two-factor authentication codes. The malware even captured keystrokes and could take screenshots of users’ phones.

So how did apps get around Google’s security check? These apps were first distributed as legitimate malware free apps and performed as advertised which made users think there was nothing wrong here. The apps also had positive reviews on the Google Play Store, which would make them more legitimate. Users were then prompted to install software updates from third-party sources for additional functionality.

Thanks to these updates, a very advanced android banking trojan “Anatsa” would be installed in the phones of the victims. This Android Trojan is capable of giving hackers remote access to a victim’s phone and wiping their bank account by transferring all the money to their account. In addition to Anatsa, these apps also contained other Android malware including Alien, Hydra, and Ermac.

Among the types of apps that this malware was injected into, the most popular were scanning apps, an encryption tracking app, and training apps. These apps with four major families of Android malware spread in just four months and have been downloaded 300,000 times.

ThreatFabric also pointed out that this is actually a small malicious fingerprint, and this is due to new Google Play restrictions that limit app permissions such as the Accessibility Service. This was one of the commonly used methods of installing malware on phones, but hackers now resort to downloading updates after installing the app.


Best of 2021 India Awards from Google Play: BGMI, Garena Free Fire MAX, Bitclass and Clubhouse topped the charts this year

Valorant Mobile: Gameplay, Release Date and What to Expect

About Marion Browning

Check Also

Cross-platform messaging scam makes a comeback on social media ::

By Donna Natosi, WRAL Editor-in-Chief What’s old is new again in a resurgent social media …