Google removed the harmful Android Apps that were stealing Personal Information of Users
For four months, twelve Android apps had thwarted the protection of the Play Store. They enabled the collection of personal data including bank information. They were very difficult to spot. Google removed them.
They are twelve in number and it took some time for them to be discovered as a Threat
This is a bundle of hacked apps from Play Store for Android. They passed the security systems. Downloaded more than 300,000 times in the past four months, they contained banking Trojans that hijacked user passwords and two-factor authentication codes. Keystrokes were also noted and the malware also took the opportunity to take screenshots. Apparently good applications like a QR code scanner or PDF creation or even cryptocurrency management contained up to four families of malware. The researchers had trouble detecting the malicious load of these applications, and it is precisely thanks to this weak signature that they have slipped under the radar of Google’s automatic detection systems. It should be noted that after the application was installed, the payloads were brought back in the form of updates from sources other than the Play Store.
Malware installation updates
The creators of this malware are clever because, in order to remain unnoticed, the installation of the malicious code was not systematic and only targeted certain geographic areas. Likewise, the apps looked legitimate and had positive reviews. They functioned normally and usually did the job they were designed for. The most successful banking Trojan is called Anatsa. The other three are called Alien, Hydra and Ermac. All were vaccinated via a module called Gymdrop. By not systematically looking for the payload, it was he who made it possible not to attract the attention of security systems.
This new type of virus steals passwords on Android
During the last week, nine million smartphones have been contaminated by an existing application In Huawei’s AppGallery, malware detection remains one of the top concerns in app stores, and Google in particular. In the last decade, many infected applications have found their way into the Play Store. They will be removed immediately upon discovery; But as this example shows, despite advanced protection systems, hackers are always one step ahead to fool them.