Skip to Content
TeaBot banking malware hiding in Google Play Store
© Info723783 |
Security & privacy

QR code app caught hiding malware – Check your phone!

Malware is always problematic, but the worst kind of infection is those that steal your money and wipe your phone.

While new malware is constantly developing, security researchers closely watch for updated variants. Banking trojans like TeaBot can hide in any mobile app and wreak havoc with your finances.

The nasty variant has been spotted hiding in a QR code app on an official app store. Keep reading to see the risks and ways to avoid them.

Here’s the backstory

The highly infectious TeaBot banking trojan is known to piggyback on Android apps to steal your money eventually. Or, in the worst possible case, rip you off and take complete control of your device.

What makes TeaBot unique is how it works. It isn’t inside a seemingly harmless app to bypass Google’s malware and antivirus checkers. Instead, it uses apps to redirect users into clicking a link which then infects their device.

The latest discovery of TeaBot is connected to an app called QR Code & Barcode – Scanner, which has been downloaded more than 10,000 times. As online fraud management company Cleafy explains, the QR code app’s developer submitted it to the Google Play Store without any malicious code.

But there is another sneaky trick. The app delivers as described in the Google Play Store and functions as a legitimate QR code scanner.

Once installed, the app will alert you to an update. But it doesn’t grab the update from Google’s servers like it should. Instead, it fetches the files from an external GitHub folder that hosts the malware. After TeaBot is installed, a new app will appear on the victim’s mobile device called QR Code Scanner: Add-On.

What you can do about it

The new app launches automatically and asks users for several permissions. These include viewing the screen, capturing screenshots, and performing actions without requiring authentication from the device owner.

One way to protect yourself from malware and banking trojans is to inspect permission and access requests. Here are some other ways to protect yourself:

  • Only download apps from official app stores like Google Play and Apple’s App Store. While it isn’t foolproof, your chances of downloading a malicious application are dramatically reduced.
  • Ensure that you know what the app intends to do, what information it collects and how it will use it.
  • Don’t blindly trust reviews on app stores, and do some research before you hit that download button.
  • Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Get the Best Security Suite for 2021 and save an exclusive 80% at That’s just $19 for an entire year of protection.

Another thing to remember is you don’t even need to have a third-party app to scan QR codes. Most newer iPhones and Android devices have the tool built right in. Just open your phone’s camera to scan a QR code, and you’re good to go. That way, you can avoid potentially malicious third-party apps.

Keep reading

Hackers are creating fake apps that mimic real ones – Don’t be fooled

Sneaky new malware avoids detection – How to check your computer

Komando Community background

Join the Komando Community

Get even more know-how in the Komando Community! Here, you can enjoy The Kim Komando Show on your schedule, read Kim's eBooks for free, ask your tech questions in the Forum — and so much more.

Try it for 30 days