Massively downloaded apps have stolen thousands of bank credentials

Computer viruses and hackers update themselves in an attempt to trap their victims. Always strong controls and security forces hackers to find new ways. ThreatFabric researchers have released a list of uploaded malicious applications Google Play Store More than 300,000 times before viruses became active.

Applications came in the form of QR code scanners, PDF scanners or wallets Cryptomon. Cybercriminals use a number of methods to bypass Google’s controls and infect users without being detected.

Gain user trust

First, there is no virus load in the applications. Allow users to get used to their application. ThreatFabric researchers explain that “what makes these Play Store malware campaigns so difficult is that the apps all have a very low malicious track.”

Once they get used to the software, users will receive a message asking them to download updates from a source outside the Google Play Store. “This incredible focus on avoiding unnecessary attention makes automated malware detection unreliable,” says ThreatFabric.

Four malware families, Alien, Hydra, Ermac and Anatsa, have been identified by researchers in these applications. The most common family is Anatsa malware. One Bank Trojan Advanced Android with many capabilities such as remote access to computers and the ability to automatically transfer money from victims ‘accounts to’ victims ” accounts.
Pirates.

Victims

To make their software as undetectable as possible, those who distribute this malware took the time to post a large number of positive reviews and install the software on a large number of phones. In addition, applications have the functions they claim. So the victim knows nothing.

Finally, hackers do not send fake updates to all users. “The actors tried to target only the areas they liked,” the researchers explain. “Once all the conditions are met, the payload will be downloaded and installed. “

As researchers explain, it is difficult to distinguish these malicious uses from systematic ones. To avoid unpleasant surprises it is better not to install the application with a small number of users. Finally, it is not recommended to install apps or updates from sources outside the Play Store.