A new study from Trend Micro points to several Android apps that contain software aimed at stealing extremely sensitive data related to your bank account or passwords. They would also be able to intercept text messages to place malicious software there.
In its study, Trend Micro specifies the process used by hackers to retrieve user data through these applications:
Once the malware Octo is installed on the victim’s device and obtains core permissions, it will keep the device awake and register a scheduled service to collect and upload sensitive data to its server […]. It also uses a virtual network to record the user’s screen, including sensitive information such as banking credentials, email addresses and passwords, and PIN codes. The malware also causes the user’s screen to black out by turning off the backlight and muting the device sound to mask malicious behavior.
In addition, this Android malware is able to deactivate Google Play Protect, normally responsible for checking applications to identify malicious behavior, which allows it to collect user data such as the list of contacts, installed applications or even text messages.
These 17 applications are no longer available on the Play Store today, but can still harm you if installed on your smartphone:
- call recorder
- VPN Rooster
- Super Cleaner
- Document Scanner
- Universal Saver Pro
- eagle photo editor
- call recorder pro+
- Extra Cleaner
- Crypto Utils
- Universal Saver Pro (another version)
- Lucky Cleaner
- Just In: Video Motion
- Document Scanner PRO
- Conquer Darkness
- Simple Cleaner
- Unicc QE Scanner
In the coming weeks, Google will implement a new policy regarding applications on the Pay Store. Among the changes, we note the prohibition of applications that clone the icons, logos, drawings or titles of other applications. VPNs used to track user data in order to redirect them to advertisements will also be banned.
Starting September 30, developers will no longer be able to run full-page ads in mobile games if they can’t be closed after 15 seconds. Ads that appear before or during the loading screen, or before the start of a new level will also be prohibited. Ads that are used to unlock in-game rewards will continue.