Banking Trojan found hidden in apps on the Google Play Store. The Android operating system makes up 76.82% of the mobile operating system market share worldwide. With so many users, Android is an attractive target for hackers, making it one of the most vulnerable operating systems. In August 2018, Android users were told to be on high alert after it was found that 150 apps on the Google Play Store were found to be loaded with Malware.
Some of these apps get removed from the store, however many fly under the radar. It’s estimated that hackers are developing new malware to target Android devices every 17 seconds. There Is increasing pressure on Google and its security measures when it comes to keeping users’ information safe.
An IT researcher at ESET, Lukas Stefanko. Discovered a banking Trojan hidden within an app on the Play Store. The app was downloaded by over 10,000 users and to date has stolen more than €10,000 (£8,916-$11,730). The Trojan works by bypassing the SMS two-factor authentication process and targets users and banks in Poland, Germany and the Czech Republic.
This malicious software can be hidden in a range of different and unsuspecting apps. Stefanko found a version of this Trojan in a QRecorder, an app designed to record your phone calls. After installing, the app would ask the user for permission to use your apps or information on the device to improve the functionality of the app. Rather than improving functionality, it can then collect your data, as well as manipulating what you see on the device, so no suspicions are flagged. The stolen data would then be send to a command and control center (C&C) where attackers can use it.
Android users are encouraged to keep their operating system software up to date and install anti-virus software to stay safe from these kinds of attacks when downloading apps from the Play Store.