Delete these Android apps that inject your phones with financial malware - Android

New malicious Android apps have been found that can infect your smartphones and steal your financial information. Read on to know more.

The post Delete these Android apps that inject your phones with financial malware appeared first on BGR India.

A new set of malicious Android apps has been found, which can cause you a lot of financial trouble. As discovered by Check Point Research, 10 malicious apps have been found that contain a new dropper that can inject your smartphones with financial trojans.

If you are thinking about what it means for you, these apps can easily let hackers steal your banking details, in turn, stealing your money. Here’s a look at what is this about.

Get rid of these malicious Android apps, now!

Check Point Research, via a blog post has suggested that 10 Android apps have been infected by the dropper called Clast82, which installs the AlienBot Banker and MRAT to a person’s smartphone. AlienBot is a type of malware that can affect authentic financial apps and steal people’s important details.

The malware initially acts innocent while being evaluated by the Google Play Store and to remain undetected, it uses Firebase for command-and-control (C2) communication. It uses GitHub for payload downloads.

The dropper comes with several parameters and to pass Google’s eye, it disables its malign intents and sets them as ‘false.’ Once the evaluation is successful, it turns on its evil mode and drops in payloads to infect people with financial trojans.

With this, the malware can steal people’s banking details, two-factor authentication (2FA) codes, and more, thus, causing financial problems.

The blog post suggests that it poses as a legitimate app for people to forcefully download these apps. “If the infected device prevents installations of applications from unknown sources, Clast82 prompts the user with a fake request, pretending to be ‘Google Play Services’ requesting the user to allow the installation every 5 seconds,” reads the blog post.

CPR contacted Google regarding the same and the infected apps are no longer available on the Play Store. If you have any of these apps on your device, delete them now!

1. Cake VPN

2. Pacific VPN

3. eVPN

4. BeatPlayer

5. BeatPlayer

6. QR/Barcode Scanner MAX

7. eVPN

8. Music Player

9. tooltipnatorlibrary

10. QRecorder

To remain safe from such apps, it’s best advised to know about a particular app before downloading. You can also install security software on your smartphone to detect the malign nature of an app before it is downloaded.