Android users alert! These dangerous apps can steal your bank details

Researchers on Tuesday published a serious warning for Android device owners to watch out for. Eight 'dangerous' apps have been found on Google Play Store that could drain your bank account and even bypass two-factor authentication. Users, if you have any of these apps installed on your phone, you need to delete them immediately.

a hand holding a cell phone © Provided by DNA

That's according to Check Point Research, who explained that what they discovered is a malware dropper, dubbed 'Clast82,' which was spreading via the eight apps. What's scary about the dropper is it has been designed to deliver financial malware. The dropper was also able to avoid being caught by Google Play Protect.

The dropper installs AlienBot Banker, a malware variant that lets an attacker remotely inject malicious code into legitimate financial applications. Clast82 also installs MRAT, a program that gives third parties remote access to your mobile device. 

Together, these two programs can hijack your banking apps, steal financial data, and even intercept two-factor authentication (2FA) codes.

"Upon taking control of a device, the attacker has the ability to control certain functions, just as if they were holding the device physically, like installing a new application on the device, or even control it with TeamViewer," researchers said.

The eight apps in question, along with their package names, are listed below, per Check Point Research:

1. Cake VPN (com.lazycoder.cakevpns)

2. Pacific VPN (com.protectvpn.freeapp)

3. eVPN (com.abcd.evpnfree)

4. BeatPlayer (com.crrl.beatplayers)

5. QR/Barcode Scanner MAX (com.bezrukd.qrcodebarcode)

6. Music Player (com.revosleap.samplemusicplayers)

7. tooltipnatorlibrary (com.mistergrizzlys.docscanpro)

8. QRecorder (com.record.callvoicerecorder)

Here's what to do-

First, go to Settings and then Applications. Scroll down to the infected app, then tap on it and hit Uninstall.

It would probably also be a good idea to change any passwords associated with your financial accounts, too, since accessing those is one of the worries here. 



Popular posts from this blog

How a cyber attack hampered Hong Kong protesters

‘Not Hospital, Al-Shifa is Hamas Hideout & HQ in Gaza’: Israel Releases ‘Terrorists’ Confessions’ | Exclusive

Islam Has Massacred Over 669+ Million Non-Muslims Since 622AD