You have access to hundreds of thousands of apps on your Android phone, but not all of them have good intentions. While some engage in kidnapping-related activities, some apps can snatch your private information. Google removes malicious apps from the Google Play Store over and over again, but due to the nature of Android, it’s easy to replicate them. A new report now highlights at least five apps that can be harmful to your phone and steal your sensitive information.
According to Threat Fabric, an Amsterdam-based cyber security firm, five Android apps that look like regular apps used for productivity-related tasks could be stealing your data outside of your information. These Trojan malware-based dropper apps can snatch users’ login information, account numbers and bank-related details from your phone. They use a new banking Trojan to steal your banking information without your knowledge.
Essentially, malware droppers masquerade as garden-variety apps. Think of them as regular apps that are benign because initially, they don’t harm your phone, which is why malware-checking platforms give them a free pass. But when these apps notify you that an update is ready to be installed, then they start installing malware on your phone. Following are the apps that you should remove from your phone immediately:
- File Manager Small, Light
— My Finance Tracker
- setter authentication
— Codis Fiscal 2022
— Recover audio, pictures and videos
as Told By the team of researchers, Sharkbot, the Trojan malware behind these apps, has already made its way into markets including the US, UK, Austria, Australia, Italy, Germany, Spain and Poland. While the first two apps have around 1,000 downloads on the Google Play Store, the last three have over 100,000 downloads, which means they have targeted more people.
The report cited the working process of the Codice Fiscale app which seems harmless sitting in the Google Play Store. But when you open the app in your phone, it checks the country where the SIM card used on your handset is registered. Since this app is for Italy, it checks whether your code is for Italy or not. If not, there will be no malicious behavior.
However, if your SIM is registered in Italy, the app will open a fake listing that looks like the app with the same name inside the Play Store. This will suggest that an update is available for the app. Since the whole mechanism is clever, a user usually falls for this bogus listing and taps the update button. That is when the app starts downloading malware to your phone.
“Such a method of distribution of Android Banking Trojans is very dangerous because victims can go unnoticed for a long time and not alert their bank about suspicious transactions done without their knowledge. It is thus very important to take action on the part of the organization to detect such malicious apps and their payloads as well as suspicious behavior taking place on the customer’s device,” ThreatFabric said in its report.
Post Stop Using These Android Apps Now! They can be harmful to your phone First appeared on BGR India.
