These Android apps can steal money from your bank account; uninstall them now
Be careful Android users. According to security researchers at Trend Micro, there has been a growing number of apps containing malware aimed at collecting personal banking information from users. Such data includes a victim's banking credentials, PIN numbers, passwords, and any other information that will help the bad actors steal from an online banking app.
The malware can also intercept text messages and take over infected handsets. Intercepting text messages is bad enough, but stealing banking information is something that can hit you right in the wallet.
Dropper apps are spreading malware that can steal money from Android users' banking apps
The apps that help carry the malware get past Google's Play Store security are called dropper apps. They are aptly named since these apps have a payload consisting of malicious apps which are installed on an infected handset. In its report Trend Micro writes, "Malicious actors have been surreptitiously adding a growing number of banking trojans to Google Play Store via malicious droppers this year, proving that such a technique is effective in evading detection."
Kicked out of the Play Store, make sure none of these apps remain on your phone
Additionally, because there is a high demand for novel ways to distribute mobile malware, several malicious actors claim that their droppers could help other cybercriminals disseminate their malware on Google Play Store." Late last year, Trend Micro discovered a new variant of dropper which it named DawDropper. These apps were originally found in the Google Play Store under the titles:
- Call Recorder APK (com.caduta.aisevsk)
- Rooster VPN (com.vpntool.androidweb)
- Super Cleaner- hyper & smart (com.j2ca.callrecorder)
- Document Scanner - PDF Creator (com.codeword.docscann)
- Universal Saver Pro (com.virtualapps.universalsaver)
- Eagle photo editor (com.techmediapro.photoediting)
- Call recorder pro+ (com.chestudio.callrecorder)
- Extra Cleaner (com.casualplay.leadbro)
- Crypto Utils (com.utilsmycrypto.mainer)
- FixCleaner (com.cleaner.fixgate)
- Just In: Video Motion (com.olivia.openpuremind)
- Lucky Cleaner (com.luckyg.cleaner)
- Simpli Cleaner (com.scando.qukscanner)
- Unicc QR Scanner (com.qrdscannerratedx)
While Google booted these apps out of the Play Store, they could still be on your Android phone. If they are, uninstall them immediately.
Trend Micro adds that "DawDropper’s malicious payload belongs to the Octo malware family, which is a modular and multistage malware that is capable of stealing banking information, intercepting text messages, and hijacking infected devices. Octo is also known as Coper, and it has been historically used to target Colombian online banking users."
Google is also making policy changes to the Google Play Store including the banning of copycat apps
A Google support page (via 9to5Google) also reveals new policy changes being made to the Play Store including one that starts on September 30th and prevents developers from showing full-page ads in mobile games installed from the Play Store if they cannot be closed after 15 seconds. There is an exception if the ad is opt-in and is used to unlock rewards to game players. Also banned are unexpected interstitial ads which appear before the loading screen surfaces, or when a new level starts.
Apps that copy icons, logos, designs, or titles of other apps will be forbidden starting on August 31st. Also on that date, Google will ban certain VPN apps. These are apps that use a Virtual Private Network (hence the "VPN" designation) that sends a user's internet activity through an encrypted connection preventing others from seeing what he or she is doing. The ban is for VPN apps that use the "VPNService" class (which is used to create a VPN connection) from tracking user data or redirecting internet traffic in order to generate "clicks" for ads.
Ironically, one app that could be impacted is pro-privacy firm DuckDuckGo's "App Tracking Protection" app which creates VPNs to block trackers found in other apps.