Don’t download this malicious Android app! It lets hackers spy on your bank info, crypto and texts

(Image credit: Cleafy Labs)
Google Play Protect, Android’s built-in protection against malware, is like a distracted bank security guard. It’s supposed to keep the bad guys at bay, but every now and then, it drops the ball and puts its users at risk.
In late February, the Cleafy Threat Intelligence and Incident Response team discovered a malware-infected Android app that attracted more than 10,000 downloads in the Google Play Store.
The app, masquerading as a QR Code & Barcode Scanner, was actually designed to infect devices with a trojan called TeaBot. Dun, dun, dun!
(Image credit: Cleafy Labs)
TeaBot, also known as Anatsa, is a malware program that spies on users’ sensitive information and steals victims’ credentials. As mentioned, a recent sample revealed that malevolent actors used a dropper app, an innocuous-looking QR Code & Barcode Scanner platform, to distribute TeaBot to unsuspecting users.
Interestingly, the QR Code & Barcode Scanner app appeared to be genuine; the reviews indicated that the platform was legitimate and functioned well. However, the app had sinister motives.
“Once downloaded, the dropper will request immediately an update through a popup message. Unlike legitimate apps that perform the updates through the official Google Play Store, the dropper application will request to download and install [TeaBot],” the Cleafy security team said.
After executing the fake “update,” TeaBot will ask unwitting users for certain permissions, including the ability to view and control users’ screens.
(Image credit: Cleafy Labs)
Once the target accepts these permissions, TeaBot will wreak havoc on the device, allowing hackers to take over the device and siphon sensitive credentials such as banking information, SMS messages, contact data, and more.
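For readers who triage apps before allowing them on managed devices, the two-stage pattern described above can be checked in a decoded `AndroidManifest.xml`. The Python sketch below is an added example, not code from Cleafy or from the original article; the three manifests are constructed samples, and mapping "view and control users’ screens" to an accessibility service is an assumption, since the article does not name the exact permissions.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
INSTALL = "android.permission.REQUEST_INSTALL_PACKAGES"
ACCESSIBILITY = "android.permission.BIND_ACCESSIBILITY_SERVICE"  # assumed mapping
SMS = {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS"}

def triage_manifest(manifest_xml):
    """Return sorted findings for one decoded AndroidManifest.xml string."""
    root = ET.fromstring(manifest_xml)
    requested = {e.get(ANDROID_NS + "name") for e in root.iter("uses-permission")}
    findings = set()
    if INSTALL in requested:
        # The app can prompt to install an APK itself, bypassing Play updates.
        findings.add("can-install-apks-outside-play")
    if requested & SMS:
        findings.add("reads-sms")
    for svc in root.iter("service"):
        # Accessibility services can observe and act on screen content.
        if svc.get(ANDROID_NS + "permission") == ACCESSIBILITY:
            findings.add("declares-accessibility-service")
    return sorted(findings)

HEAD = '<manifest xmlns:android="http://schemas.android.com/apk/res/android">'

# Constructed sample: a scanner app that can also sideload an "update".
DROPPER = HEAD + """
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
  <application/></manifest>"""

# Constructed sample: a second-stage payload as the article describes it.
PAYLOAD = HEAD + """
  <uses-permission android:name="android.permission.READ_SMS"/>
  <application>
    <service android:name=".Svc"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
  </application></manifest>"""

# Constructed sample: a scanner that only needs the camera.
BENIGN = HEAD + """
  <uses-permission android:name="android.permission.CAMERA"/>
  <application/></manifest>"""

if __name__ == "__main__":
    for name, xml in (("dropper", DROPPER), ("payload", PAYLOAD), ("benign", BENIGN)):
        print(name, triage_manifest(xml))
```

A finding is a reason to look closer, not a verdict: legitimate app stores and assistive tools declare the same permissions, so the signal is the mismatch with what the app claims to do.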
Fortunately, Cleafy informed Google about the malicious app. The search-engine tech giant removed the malware from the app store. It’s no secret that Google Play Protect is inadequate. In 2021, AV-Test published a damning report revealing that Google Play Protect only detected two-thirds of the 20,000 malicious apps in its sample.
It’s worth noting that the TeaBot variant the Cleafy security team discovered is a new one. It now targets crypto wallets and exchanges. On top of that, the original TeaBot only targeted nearly 60 apps; now it can infiltrate more than 400.
Cleafy’s TeaBot discovery serves as a reminder that users must be careful with what they download in the Google Play Store. Many apps appear to be harmless, but they have ulterior motives.
Source: https://www.laptopmag.com/news/dont-download-this-malicious-android-app-it-lets-hackers-spy-on-your-bank-info-crypto-and-texts