According to new research conducted by several security firms, several Flashlight and Solitaire apps found on the Google Play Store could be stealing your bank details. Scary, right? Well, it is, and even Google’s Play Protect scans couldn’t detect the malware.
The malware, known as BankBot, delivers malicious payload to the users device using a command & control server. Once the user downloads the affected app, the malware would wait a few hours before downloading the payload automatically, or if Unknown sources isn’t enabled, then it would ask the user permission to download the payload.
Read: Toastamigo malware affects Google Play Store
The download would appear as a Google Play or required update for the app, fooling the users. The BankBot malware is mainly targeted towards banking apps from
. The malware could affect users anywhere in theThis new version of BankBot was discovered last month by the Avast team, with help from ESET and SfyLabs. Some of the affected apps include; Lamp for Darkness, Sea FlashLight, XDC Cleaner, Classic Solitaire, and Spider Solitaire. Don’t worry though, as these apps have now been removed from the Play Store. But, if you’ve got any of these installed on your phone, then we recommend you immediately remove them and contact your bank for suspicious activities.
As per the report, the malware was able to create a fake login page over the banking app, so it can capture login details. There are chances that hackers would release more apps that contain this malware, so you will have to be careful when downloading such apps.
How can you protect yourself from such malware? Well, make sure you are using authentic banking apps, turn on two-factor authentication if available, don’t download apps from unknown sources, read the permissions before accepting them, and do not give device administrator access to any such apps.
Discussion