BankBot Malware Found Inside Flashlight and Solitaire Apps on Play Store

Google may be taking more proactive steps to make the Play Store a safer place through a number of new initiatives including Google Play Protect, but Android's malware problem is not showing any signs of abating, equally noted by Nokia in its recently-released 'Threat Intelligence Report for H2 2017′. A new study from security software-maker Avast now suggests that a number of innocuous-looking apps listed on the Play Store until as tardily equally last Fri were actually concealing a unsafe malware that targeted banking transactions of unsuspecting victims. These apps included multiple flashlight, Solitaire and 'trash cleaner' apps that take now been removed from the Play Store by Google.

Known as 'BankBot', the malware is a new version of a well-known banking trojan that has been sneaking into the Play Shop time and again this twelvemonth. While Google previously removed BankBot-carrying apps from the Play Shop inside days, several apps with the latest version of the malware remained agile until Nov 17th, infecting "thousands of users", according to Avast. The trojan is generally undetectable on affected smartphones, but jumped into life whenever a victim opened upwardly legitimate banking software from a number of banks in the U.S. and Europe. The malware then superimposed a fake UI over the clean banking app in an effort to collect the unsuspecting user's bank details.

The malware besides had the ability to intercept bank transaction hallmark numbers (TANs) in some cases, assuasive the cyber criminals to steal money from these accounts. The affected banks include Citibank, Wells Fargo and Chase in the U.Southward., Credit Agricole in France, Santander in Spain, Commerzbank in Germany, amidst others. This particular version of BankBot was first spotted by security researchers at Avast on October 13th. It was found in 'Tornado FlashLight', 'Lamp For DarkNess' and 'Sea FlashLight' apps, every bit well equally 'Archetype Solitaire', 'Spider Solitaire', XDC Cleaner, and a few other rogue apps.

Avast says it has simply been able to place 132 out of the 160 affected banking apps considering the package names are hashed. The company has already uploaded the list on its official blog, where you'll as well detect a comprehensive list of the offending apps. Goes without saying, if you have any of those apps on your device, uninstall them immediately to save yourself from becoming an unwitting victim of cyber-crime.

Source: https://beebom.com/bankbot-malware-flashlight-solitaire-apps-play-store/

Posted by: greenanglover.blogspot.com

Share this post