A new set of malicious Android apps has been found, which can cause you a lot of financial trouble. As discovered by Check Point Research, 10 malicious apps have been found that contain a new dropper that can inject your smartphones with financial trojans. Also Read - Joker malware back on Google Play store, delete these apps from your phone immediately
If you are thinking about what it means for you, these apps can easily let hackers steal your banking details, in turn, stealing your money. Here’s a look at what is this about. Also Read - These Android apps steal people's Facebook passwords, Delete them now
Get rid of these malicious Android apps, now!
Check Point Research, via a blog post has suggested that 10 Android apps have been infected by the dropper called Clast82, which installs the AlienBot Banker and MRAT to a person’s smartphone. AlienBot is a type of malware that can affect authentic financial apps and steal people’s important details. Also Read - Windows 11 update: When and How to get Android apps on next-gen Windows OS
The malware initially acts innocent while being evaluated by the Google Play Store and to remain undetected, it uses Firebase for command-and-control (C2) communication. It uses GitHub for payload downloads.
The dropper comes with several parameters and to pass Google’s eye, it disables its malign intents and sets them as ‘false.’ Once the evaluation is successful, it turns on its evil mode and drops in payloads to infect people with financial trojans.
With this, the malware can steal people’s banking details, two-factor authentication (2FA) codes, and more, thus, causing financial problems.
The blog post suggests that it poses as a legitimate app for people to forcefully download these apps. “If the infected device prevents installations of applications from unknown sources, Clast82 prompts the user with a fake request, pretending to be ‘Google Play Services’ requesting the user to allow the installation every 5 seconds,” reads the blog post.
CPR contacted Google regarding the same and the infected apps are no longer available on the Play Store. If you have any of these apps on your device, delete them now!
1. Cake VPN
2. Pacific VPN
6. QR/Barcode Scanner MAX
8. Music Player
To remain safe from such apps, it’s best advised to know about a particular app before downloading. You can also install security software on your smartphone to detect the malign nature of an app before it is downloaded.