Android users affected by malware-infected apps

Android users have been warned after security experts have discovered that 29 apps on Google Play Store were infected with malicious malware, according to We Live Security, a blog run by IT Firm ESET.

The firm found out that the trojan malware used on these apps give malware operators total control over an Android users device

The Trojan virus affected a range of apps, including ones called “Free Daily Horoscope” and “Power Manager” on the Play Store.

After ESET informed Google of the issue, the infected apps were removed from the Play Store.

However, the majority of infected apps were already downloaded by 30,000 users before Google could remove them.

On the company’s blog post, We Live Security, wrote: “Unlike the increasingly prevalent malicious apps relying purely on impersonating legitimate financial institutions and displaying bogus login screens, these apps belong to the category of sophisticated mobile banking malware with complex functionality and a heavy focus on stealth”.

Researchers believe that the attack was carried out by either a single criminal or a group.

These remotely controlled trojans are also capable of intercepting calls, redirecting text messages and downloading other apps on a device.     

The blog states that they’re able to do this by “obtaining the HTML code of the apps installed on the device and using that code to overlay legitimate apps with bogus forms once the legitimate apps are launched, giving the victim very little chance to notice something is amiss.”

The Trojan virus can also trick users into thinking that the app is incompatible with their device, but it is still “hidden in an encrypted payload located in each app’s assets”.

According to ESET, the main objective of the Trojan is to “impersonate banking apps installed on the victim’s device”, and steal the victim’s money.

ESET didn’t mention if any hacker was successful in raiding victims’ bank accounts.

Researchers mention that the hackers didn’t use any “advanced tricks to ensure their persistence on affected devices”.

ESET advised Android users to simply uninstall any app that looks suspicious on the application manager.

ESET advised users to also check their “bank account for suspicious transactions” and to consider changing their “internet banking password/PIN code”.


Related Posts