Fake apps  - Fake apps 2 - Hackers Uploaded Fake Apps into Google Play Store

finance based into the to steal credit card details and login credentials to the targeted bank or service. The malicious apps found to be uploaded into the Google in June 2018 and they have been downloaded thousands of times.

These malicious apps use bogus phish forms to collect the credit card details and internet banking credentials from the victims. The fake apps were spotted by the Security researchers from ESET and these apps are uploaded under different usernames.

The main motive of the attackers is to steal the sensitive information from users and the apps impersonated six banks form the following countries New Zealand, Australia, the United Kingdom, Switzerland and Poland, and the Austrian based cryptocurrency exchange Bitpanda.

Fake apps  - Fake apps - Hackers Uploaded Fake Apps into Google Play Store

How do the Fake Apps work

These apps one launched displays forms requesting credit card details or the login credentials if the targeted banks or services and once the victim inputs the credentials it says “Congratulations” or “Thank you” and the app function ends at that point.

Fake apps  - Fake apps1 - Hackers Uploaded Fake Apps into Google Play StoreESET reported the fake apps to Google and the apps have been removed from the Google play now, users are advised to uninstall the fake apps immediately if you have it in your system and to change the login credentials.

Common Defences and Mitigations

  • Give careful consideration to the permission asked for by applications.
  • Download applications from trusted sources.
  • Stay up with the latest version.
  • Encrypt your devices.
  • Make frequent backups of important data.
  • Install anti-malware on their devices.
  • Stay strict with CIA Cycle.

Related Read

Most Important Android Security Penetration Testing Tools for Hackers & Security Professionals

Google Released Security Updates for More than 40 Android Security vulnerabilities

Android Device With Open ADB Ports Exploited to Spread Satori Variant of Mirai Botnet

Source link


Please enter your comment!
Please enter your name here