Google Play Store has found to have 12 malicious Android app that are stealing people’s bank account details. These apps were downloaded a total of 300,000 times, according to a research from ThreatFabric. The research security firm made the announcement in a blog post, where experts said that such applications only introduce the malware content through third-party sources after being downloaded from the Google Play Store.
The malicious apps, according to the research firm, mostly pertained to scanning apps like QR Code and Document scanners. These included QR Scanner, QR Scanner 2021, PDF Document Scanner Free, PDF Document Scanner, Two Factor Authenticator, Protection Guard, QR CreatorScanner, Master Scanner Live, CryptoTracker, and Gym and Fitness Trainer.
Researchers said that these apps are a part of four malware families - Anatsa, Alien, Hydra, and Ermac. These malwares are designed to steal users’ online banking passwords as well as two-factor authentication codes. The malware even captures what you type and takes screenshots of the infected smartphones, the research said.
The Anatsa malware family was downloaded over 100,000 times, the research said. It should be noted that such apps have positive reviews in the Google Play Store which would make them look more legitimate.
Google has restrictions to block the distribution of such malicious apps, but these apps make it difficult for Google to detect them since they have a very small malicious footprint which goes undetected by Google Play Store’s techniques.
Last month, at least 14 Android apps were found to be infected with Joker malware on the Google Play Store. These apps were foudn by an analyst at Cybersecurity firm Kaspersky. Some apps that were infected by Joker malware are quite popular with over 50,000 installs while there are other little-known apps.