Now Delete These 5 Apps From Your Android Phone Before Your Bank Account Is Threatened

Unlike malicious apps that get drizzled with malware making them hard to list in the Google Play Store (but not impossible, unfortunately), anti-malware software looks like a variety of apps in your garden. But when these apps notify users that an update is ready, what is actually installed is malware that runs in the background and captures your banking information and other personal data.

Banking Trojans work like legitimate apps until you hit the update button

in a new way In a blog post, Amsterdam computer support company Threat Fabric is warning Android users of a new banking Trojan designed to steal login information, account number and other financial information that could help attackers steal your hard-earned cash. Like the Greek Trojan horse, which in all appearances was a gift to the city of Troy to be filled with Greek soldiers inside, the malicious Trojan ambush users by appearing as a legitimate app.

However, the report mentions that this new banking trojan is called Sharkbot and one of the malware is purported to be an app to help users calculate their taxes in Italy. With over 10,000 installs, “Codice Fiscale” has an innocent-looking listing on the Play Store. If opened on a device, the app checks the country in which the phone’s SIM card is registered. If it does not match the Italy code, no malicious behavior will occur.

If opened on a phone with a SIM registered in Italy, the app will open a fake Play Store page with a fake listing for “Codice Fiscale”. This fake listing also revealed the availability of an update for the app, something that all users will probably click on. And while some browsers may warn the user about the update, the phone owner may take comfort from the fact that the app has been installed from the Google Play Store and go ahead with the update.
What was actually loaded onto the phone was the banking trojan mentioned above. And if you think you got away with having your personal information stolen from your banking app because you don’t live in Italy, think again. Another dropper app, “File Manager Small, Lite”, targets banking apps used in other countries such as the US, UK, Austria, Australia, Italy, Germany, Spain and Poland.

Another banking Trojan, called Vultur, was spread by three malware that are also on the Play Store: “Recover Audio, Images & Videos”, “Zetter Authentication” and “My Finances Tracker”. The first app listed has more than 100,000 installs. Vultur tracks all the clicks and gestures that an Android user makes on his/her phone. Similar to Sharkbot, this trick uses a fake update to load malware onto the phone.

Uninstall these 5 apps if they are installed on your Android phone

To combat this malware, we usually suggest checking the comments section for red flags. However, attackers have been known to load the comments section with fake comments. And after the initial installation of one of these apps, you might see a fake Google Play Store listing with fake reviews trying to get you to click the update button. The victim himself inadvertently causes the malware to be downloaded onto his phone.

ThreatFabric says it always reports malware removal programs in an attempt to remove them from app stores. But just because an app has been removed from the App Store does not mean that it has been removed from your phone. So if you have one of these programs installed on your device, uninstall it immediately:

  • Restore audio, photos and videos – 100,000 downloads
  • Tax Code 2022 – 10000 Download
  • Zetter Authentication – 10000 Downloads
  • File Manager Small, Lite – 1,000 Downloads
  • My Finances Tracker – 1000 Downloads
ThreatFabric adds, β€œThe way Android banking Trojans are distributed is very dangerous as victims may remain distrustful for a long time and may not alert their bank about suspicious transactions made without their knowledge. Hence, it is very important to take action on the part of the organization to detect these apps malicious payloads as well as suspicious behavior that occurs on the client machine.”

#Delete #Apps #Android #Phone #Bank #Account #Threatened

Leave a Comment

Your email address will not be published. Required fields are marked *