A WARNING over criminal Google Play apps that can hack your bank account has been issued by cyber-experts.
The urgent note warns over dodgy Android apps that have been downloaded over 300,000 times.
The apps would pose as genuine software – before hijacking your systemCredit: ThreatFabric
Apps would quietly install small malware updates over time, circumventing Google’s checksCredit: ThreatFabric
These apps are known as banking trojans – designed to log your keystrokes as you access your accounts.
Hackers would create these apps to look like scanners for PDFs or QR codes, fitness guides, or wallets for cryptocurrency.
But instead, they would read your bank passwords, login codes and even take silent screenshots.
Cyber-experts at ThreatFabric exposed the sinister hack attack, describing it as highly sophisticated.
“Policing by Google has forced actors to find ways to significantly reduce the footprint of dropper apps,” ThreatFabric explained.
“By introducing carefully planned small malicious code updates over a longer period in Google Play.”
The apps used four different “families” of malware to hijack user logins.
And they used clever methods to circumvent Google’s usual checks to prevent malware making it on to Android’s official App Store.
This allowed the hackers to quickly scale up their campaign.
“In the span of only four months, four large Android families were spread via Google Play, resulting in 300,000+ infections via multiple dropper apps,” said ThreatFabric.
The apps would appear harmless at first, but then deliver updates to introduce dangerous malware over time.
Cyber-experts also warn that the malware was so sophisticated that even virus detectors struggled to uncover their nefarious actions.
List of dangerous Android apps
Here’s the list of apps as revealed by ThreatFabric…
- Two Factor Authentication – com.flowdivision
- Protection Guard – com.protectionguard.app
- QR CreatorScanner – com.ready.qrscanner.mix
- Master Scanner Live – com.multifunction.combine.qr
- QR Scanner 2021 – com.qr.code.generate
- QR Scanner – com.qr.barqr.scangen
- PDF Document Scanner – Scan to PDF – com.xaviermuches.docscannerpro2
- PDF Document Scanner – com.docscanverifier.mobile
- PDF Document Scanner Free – com.doscanner.mobile
- CryptoTracker – cryptolistapp.app.com.cryptotracker
- Gym and Fitness Trainer – com.gym.trainer.jeux
- Gym and Fitness Trainer – com.gym.trainer.jeux (reupload)
If any of these apps are installed on your Android phone, it’s worth deleting them immediately.
You should also consider changing your banking passwords, and checking your accounts for strange behaviour.
The dodgy malware began appearing in Google Play Store apps around August 2021Credit: ThreatFabric
- Read all the latest Phones & Gadgets news
- Keep up-to-date on Apple stories
- Get the latest on Facebook, WhatsApp and Instagram
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…