Leave a comment

Google Play Store dangerous apps can fill your Android with malware and steal your money

Google Play Store dangerous apps can fill your Android with malware and steal your money
© Leszekkobusinski | Dreamstime.com

Android smartphones are extremely popular. In fact, statistics show that globally, nine in 10 smartphones are running various versions of Android.

However, due to their sheer numbers, Android phones are increasingly targeted with mobile malware and these attacks are mounting fast. Although the Google Play Store is still the safest source of Android apps, rogue apps still manage to slip through the cracks, eluding Google's screening process.

Take these recently outed apps, for example. They might all look like legitimate apps, but in reality, they are malware designed to steal your cash.

Banking Trojans in disguise

Beware! Almost 30 apps lurking within the Google Play Store have been discovered to be banking Trojan apps in disguise.

Security researchers from ESET spotted the stealthy apps on the official Android app store and they revealed that they were available from August until early October of this year. That's more than two months they've evaded detection -- enough time to cause damage.

Image Credit: ESET

The malicious apps were masquerading as various utilities like battery managers, device cleaners, boosters and even as daily horoscope apps. If you've downloaded an Android app of this sort recently, please check it against the provided list below.

Method of attack

Typically, Android banking Trojan apps are just classic phishing scams that employ overlay screens and fake login pages.

However, ESET warns that this newly discovered group of apps "belong to the category of sophisticated mobile banking malware with complex functionality and a heavy focus on stealth."

How come? For one, aside from their ability to impersonate banking apps, these malicious apps can bypass two-factor authentication codes by intercepting and redirecting your text messages and by reading your call logs.

These Trojans can also target any apps installed on your Android phone and even install other malicious apps remotely.

Although they appear to be coming from various developers, ESET's analysis reveals that these apps share similar code and they're all controlled by the same command-and-control (C&C) server. This suggests that they all came from a single attacker or cybercriminal syndicate.

Once installed and launched, these Trojans will first display an error saying that they have been removed from your phone due to incompatibility.

Image Credit: ESET

But in reality, they are just concealing themselves from view and they're still active in the background. The trojan then proceeds to download the actual banking malware on your gadget while remaining hidden.

List of malicious apps

Thankfully, all 29 of these apps have been removed from the Google Play Store and they're no longer available for download. However, the questionable apps had been installed by almost 30,000 users before they were pulled out.

If you've downloaded any of the apps listed below, please uninstall them immediately!

Here's a list of the malicious apps, courtesy of ESET:

App namePackage nameInstalls
Power Managercom.puredevlab.powermanager10+
Astro Pluscom.astro.plus0+
Master Cleaner - CPU Boosterbnb.massclean.boost5,000+
Master Clean - Power Boostermc.boostpower.lf100+
Super Boost Cleanercpu.cleanpti.clo500+
Super Fast Cleanersuper.dupclean.com500+
Daily Horoscope For All Zodiac Signsui.astrohoro.t2018100 +
Daily Horoscope Free - Horoscope Compatibilitycom.horochart.uk500+
Phone Booster - Clean Masterghl.phoneboost.com1,000+
Speed Cleaner - CPU Coolerspeeeed.cool.fh100+
Ultra Phone Boosterult.boostphone.pb1,000+
Free Daily Horoscope 2019fr.dayy.horos50+
Free Daily Horoscope Plus - Astrology Onlinecom.dailyhoroscope.free1,000+
Phone Power Boosterpwr.boost.pro1,000+
Ultra Cleaner - Power Boostua.cleanpower.boost50+
Master Cleaner - CPU Boosterbnm.massclean.boost5,000+
Daily Horoscope - Astrological Forecastgmd.horobest.ty1,000+
Speed Cleaner – CPU Coolerspeeeed.cool.gh0+
Horoscope 2018com.horo2018i.up1,000+
Meu Horóscopomy.horoscop.br1,000+
Master Clean - Power Boostermc.boostpower.cf50+
Boost Your Phoneboost.your.phone1,000+
Phone Cleaner - Booster, Optimizerphone.boost.glh1,000+
Clean Master Pro Booster 2018pro.cleanermaster.iz10+
Clean Master - Booster Probl.masterbooster.pro5,000+
BoostFX. Android cleanerfx.acleaner.e201850+
Daily Horoscopeday.horocom.ww1,000+
Daily Horoscopecom.dayhoroscope.en1,000+
Personal Horoscopehoro.glue.zodnow1,000+

Click here to read ESET's full report.

How to delete malicious apps in Android

Although this campaign is sophisticated, ESET noted that these Trojans do not employ advanced techniques to ensure persistence on an infected Android phone. All it takes to remove these Trojans is to simply uninstall them from your gadget.

To review and remove questionable apps on Android, go to Settings >> then Apps or Application Manager. Look through the list and keep an eye out for anything that's odd or unfamiliar.

Tap the questionable app you want to get rid of and this will open up the App Info screen. First, remove the app's data cache by hitting "Clear Cache." Next, delete the app's data by tapping "Clear Data."

Once these steps are done, click on the "Uninstall" button to remove the app.

Sometimes, sneaky app developers hide their fake apps by making their title and icons invisible. If that's the case, look for blank spaces in your Application Manager and uninstall them as usual.

For stubborn apps that have hijacked your gadget's administrator permissions, try removing them in Safe Mode. Unfortunately, if that doesn't work, your only other option is to wipe your data, factory reset your device, and start over.

This is why it is also so critical to have a reliable backup service. All it would take is one nasty fake app or mobile malware and you could lose it all. To back up all your gadgets, including Android, iOS, Mac and PC devices under one account, we recommend our sponsor IDrive. Check out IDrive today and save 50% thanks to Kim!

Beware of this new high-tech banking scam that's making the rounds

Scammers are continuously using advances in technology to steal money and personal information. With the advent of what are called cardless ATMs, which give you the ability to access your money directly from your phone, scammers have once again seized on their opportunity to steal money from unsuspecting people just trying to get some cash. This scam has already impacted hundreds of people; here's how to make sure it doesn't affect you.

Click or tap to make sure you protect yourself from this latest scam.


Next Story
Source: ESET
View Comments ()
Creepy Facebook feature can suggest friends based on who you stand next to
Previous Happening Now

Creepy Facebook feature can suggest friends based on who you stand next to

Bank data breach leaked account numbers, balances
Next Happening Now

Bank data breach leaked account numbers, balances