• Home
  • Apps
  • Apps News
  • Google Play Store Apps That Stole Bank Credentials Were Downloaded 300,000 Times: Report

Google Play Store Apps That Stole Bank Credentials Were Downloaded 300,000 Times: Report

The Android apps posed as QR Scanners, PDF Scanners, or cryptocurrency wallets.

Google Play Store Apps That Stole Bank Credentials Were Downloaded 300,000 Times: Report

Photo Credit: Google

Malware from the Anatsa family were responsible for the most infections

  • Crooks initiated banking malware installations to target specific regions
  • Malicious apps had users download updates from third-party sources
  • Google Play store restrictions were bypassed by reducing apps’ footprint

Malicious Android apps that stole sensitive financial data were downloaded over 300,000 times from the Google Play store, according to a report published by researchers at ThreatFabric. They discovered that users had their banking details stolen by seemingly benign-looking apps. User passwords, two-factor authentication codes, logged keystrokes, and more were siphoned via apps that posed as QR scanners, PDF scanners, or cryptocurrency wallets. These apps are primarily part of four malware families — Anatsa, Alien, Hydra, and Ermac. Google has tried to tackle the problem by introducing several restrictions to seize the distribution of fraudulent apps. This has motivated these cybercriminals to develop ingenious means to bypass the Google Play store restrictions.

In its post, ThreatFabric explained that such applications only introduce the malware content through third-party sources after being downloaded from the Google Play store. These applications reportedly entice users by offering additional content through such third-party updates. In some cases, the malware operators are said to have manually triggered malicious updates after tracking the geographical location of the infected devices.

The malicious Android apps on the Google Play store spotted by the researchers included QR Scanner, QR Scanner 2021, PDF Document Scanner, PDF Document Scanner Free, Two Factor Authenticator, Protection Guard, QR CreatorScanner, Master Scanner Live, CryptoTracker, and Gym and Fitness Trainer.

The biggest perpetrator of such activities has been the Anatsa malware family as per the report, which was downloaded over 100,000 times. Such applications appeared to be legitimate as they had a large number of positive reviews and offered the depicted functionality upon use. However, after the initial download from Google Play, these apps made users install third-party updates to continue using them. The malware installed was then reportedly able to steal banking details and even capture everything shown on the device's screen.

Google published a blog post in April marking out the steps they have taken to deal with such nefarious apps. This included reducing the developer access to sensitive permissions. However, as per a test conducted by German IT security institute AV-Test in July, Google Play Protect failed to provide a competent level of security compared to other prominent anti-malware programs. It was only able to detect around two-thirds of the 20,000 malicious apps that were tested.

The ingenuity of such malware operators has reduced the reliability of automatic malware detectors, the ThreatFabric claims. Users will have to be vigilant regarding the access they grant to applications and the sources they download the apps and their updates from.

What can you expect from Black Friday and Cyber Monday 2021? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Siddhant Chandra
Siddhant Chandra is a Consultant Sub Editor at Gadgets 360. This is his first foray into the tech space, having made the switch from travel. He holds a keen interest in keeping up with the latest hardware and software developments in the gaming industry. After work, you can mostly find him playing CS:GO with his buds, where he has clocked over 3K hours. You can reach him at siddhantc@ndtv.com. More
The Book of Boba Fett to Release on Disney+ Hotstar in Hindi, Tamil, Telugu, Malayalam, English
Redmi Note 11T 5G With Dual Rear Cameras, MediaTek Dimensity 810 SoC Launched in India: Price, Specifications
Share on Facebook Tweet Snapchat Share Reddit Comment google-newsGoogle News


Follow Us


© Copyright Red Pixels Ventures Limited 2022. All rights reserved.