Android users should check their phones right away to make sure none of these malware-packed apps are installed on their devices. The latest attack discovered by the Bitdefender team shows that hackers are relying on new methods to gain access to devices and all of the highly personal data we store on them. Those attacked by these malicious apps could see private text messages and even bank account details sent directly to criminals without ever realizing that an attack occurred. With Google’s Play Store now much more secure, it is becoming increasingly difficult for cyber thieves to smuggle malicious software into this hugely popular marketplace.
Instead, they create fake applications outside Google’s official Play Store and lure users in by promising antivirus software, access to free TV services, and more.
In contrast to Apple’s iOS, Google allows owners of Android smartphones and tablets to approve downloads from outside its own app store. While this gives users greater control over their own devices, it also puts those devices at risk.
“Criminals appreciate the ability to distribute malware directly from app stores, but it’s not easy,” explains Bitdefender. “Instead, they are opting for the next available method – mimicking top-notch apps in the hopes of getting at least some users to download and install their malicious versions.”
Once users are tricked into installing them, they are hit by a new type of malware called TeaBot, which can stream anything on the screen straight back to the cyber crooks.
That means personal text messages to partners, your activity in your mobile banking app and, of course, card details entered when shopping online can all be viewed and stolen. Bitdefender says it identified a strange distribution method for the new attack, with crooks using a fake ad blocker that acts as a dropper for the malware.
Once the apps are downloaded and installed, they look like official services, and a user is unlikely to notice anything wrong until it’s too late.
Some of the apps to watch out for include:
• Uplift: health and wellness app
• Kaspersky: Free virus protection
• VLC media player
The official versions of these apps, which are not affected by the malware, have been downloaded over 50 million times, and it appears that hackers are using their huge popularity to go unnoticed. Bitdefender says the campaign to distribute the fake apps in the wild is still active and is cause for concern.
“TeaBot is the newest family of Trojan bankers,” said Bitdefender. “According to an early analysis report, the malware can carry out overlay attacks through Android Accessibility Services, intercept messages, perform various keylogging activities, steal Google authentication codes and even take full control of Android devices.”
If you think you have any of the fake apps listed above on your phone, you should delete them right away.
Bitdefender has also issued advice on how to avoid the threat, with security experts saying, “The best way to avoid infection is to never install apps outside of the official store. Also, never tap any links in messages and always be aware of your Android app permissions.”