- Security experts found that despite Google’s security protections for the Play Store, cybercriminals still manage to slip in banking trojans.
- Most of these malware are disguised as real Android apps and are designed to steal and/or leak personal data.
Numerous security experts from across the globe found that despite Google’s security protections, cybercriminals still manage to slip in banking trojans. These malware are often disguised as legitimate Android apps and are designed to steal and/or leak personal data.
ESET security researcher Lukas Stefanko took to Twitter to report three malware-infested Android apps posing as horoscope apps. These bogus, malicious Android apps are capable of stealing SMS messages, banking credentials and call logs. These apps are also capable of sending SMS messages, downloading and installing apps - all without the user’s knowledge.
According to Stefanko, before Google removed the three malicious apps from the Play Store, one of them had been downloaded over 1,000 times while the other two bogus apps were downloaded over 500 times. However, all of the malicious trojans discovered by the ESET researcher managed to evade detection fairly well, Bleeping Computer reported.
Over the past few years, Google has begun proactively detecting and removing fake Android apps periodically. The tech giant has also implemented measures that are aimed at blocking malicious apps from infiltrating the Google Play Store. However, cybercriminals continue to sneak malware past Google’s protections.
Security advisors recommend that Android users thoroughly check app information and developer information before downloading new apps.