Some apps bypass security on the Google Play Store. They seem inconspicuous, but dangerous Trojans lurk behind them.
Munich/Dortmund: Many people do their banking with their smartphone. To do this, download the apps from providers like savings bankVolksbank or N26 down. But these apps aren’t always what they claim to be. Cybercriminals are increasingly using the growing popularity of this form of banking for their own ends, reports Merkur.de.
Bank Account at Risk: These Apps Should Be Removed From Your Smartphone Immediately
I like online magazine technology book informed, criminals use so-called dropper applications to install malware on smartphones. These applications can be opened normally from the Google Download PlayStore.
The user does not suspect either, since the app fulfills its mission. Only when the dropper app requests an update and the user agrees, is malware installed, for example, Trojans that transmit account data stored on the smartphone to criminals (more digital news in RUH24).
In a blog post published in October 2022, the Dutch cybersecurity company ThreatFabric reports on two major campaigns using five dropper apps to smuggle the “Vultur” and “Sharkbot” Trojans onto smartphones.
Banking applications become a trap: up to 100,000 downloads in the Google Play Store
“Vultur” discovered ThreatFabric in July 2021. The malware steals personal data through keylogging. This means that the malware can read the inputs on the smartphone screen, for example the banking app password, and forward them to the criminals. The malicious program is even capable of launching a remote session and thus performing actions on the devices.
ThreatFabric recently found three new dropper apps for “Vultur” on the Google Play Store, achieving between 1,000 and 100,000 downloads. These are the following applications:
- tracker of my finances
- Zetter Authentication
- Recover audio, images and videos
My Finances Tracker or File Manager Small: Definitely remove apps – Trojan risk
It was not until early October 2022 that ThreatFabric detected a new campaign with the “Sharkbot” Trojan. Criminals use apps for this:
- Tax Code 2022
- File Manager Small, Lite
Codice Fiscale addresses smartphone owners in Italy. The app, which has been downloaded more than 100,000 times, is used to calculate taxes. The skill of the programmers is shown in the fact that the application checks if the SIM card registered in Italy.
Otherwise, Sharkbot will not download. On the other hand, if an Italian SIM card is detected, a fake Google Play Store page is opened, through which the Trojan is installed on the smartphone instead of an update. The “Sharkbot” then tries to access data from banking apps on the smartphone.
The procedure is identical for the second application “File Manager Small, Lite”. However, the app is aimed at an international clientele, including users from Germany.
Smartphone Trojan Security: Dangerous Apps Must Be Removed Immediately
All five apps have since been removed from the App Store. other dangerous applications before. If you have already installed them on your smartphone, you should remove them immediately. This is the only way to avoid the risk of becoming a victim of fraud.
Image of list of rubrics: © Cavan Images/Imago
Introvert. Beer guru. Communicator. Travel fanatic. Web advocate. Certified alcohol geek. Tv buff. Subtly charming internet aficionado.