The Google Play Store has been a breeding ground for malicious Android apps masquerading as innocuous platforms, and it is getting out of hand. In case you missed it, Zscaler ThreatLabz published a report last Thursday revealing that, over the last three months, it found over 50 apps (attracting 500k+ downloads) that had ill intentions.
In one of its most recent discoveries, the security researchers spotted a trojan dubbed Xenomorph hiding inside a harmless-looking lifestyle app. And it isn't just any ol' trojan; it is a banking trojan. It is designed to steal your sensitive information from banking apps.
Watch out for the Xenomorph
“Todo: Day Supervisor” is the name of the cyber threat. Not only can it steal credentials from banking applications on your device, but it can also intercept your text messages and notifications. This means it can snatch your one-time passwords and slip through any multifactor authentication barriers.
Upon installation, ToDo: Day Supervisor asks users to enable certain permissions. Once the unwitting victim acquiesces to its requests, the app makes itself your device's admin and blocks you from reversing this change. This ensures that you can't uninstall it from your phone.
Next, it superimposes an overlay (e.g. a fake login screen) on top of legitimate banking apps installed on your device, tricking you into entering your credentials. As a result, you may inadvertently hand over your banking information to cybercriminals.
Interestingly, the researchers noticed that the modus operandi of the Xenomorph trojan is similar to that of another malware family they discovered three months ago: the Coper banking trojan.
“This trojan was equally embedded in apps on the Google Play Store and sourced its malware payload from the GitHub repo,” the report stated.
Fortunately, Google removed the malicious threats from the Play Store, but this may not be the last banking trojan to wiggle its way into the Android app store. With so much malware sneaking past Google Play's defenses, the search engine giant needs to deploy better hawk-eyed methods to keep cybercriminals at bay.