Last January, a Trojan virus that affects Android devices leaked online. This was the BankBot, a banking malware which disguised itself as a harmless program and able to avoid Google’s security scans. Weeks after the attack, the malware found its way to Google Play Store.
This came to be when a hacker was able to get the source code and came up with the new banking Trojan also known as Spy Banker and Dr. Web. Soon enough, it was used to penetrate Russian banks and eventually, other bank clients in other parts of the world, including Austria, Turkey, Germany and the UK.
What makes this vicious banking Trojan threatening is that it was able to find a way of hiding in apps using a variety of names on Play Store. On is Funny Videos 2017 and the other is the HappyTimes Videos, with the latter discovered just after Easter. While both apps have been taken down, there were already thousands of downloads made by unsuspecting users.
How Banking Trojan Operates
Being a mobile banking malware, it affects Android users. When it is downloaded, users will be able to watch funny video clips. Conversely, the malware is able to get pertinent banking information as well as access SMS. In Google, it was able to mask itself as any regular app for Android.
Google Play Store has been criticized for the way it simply depends on automated scanning which makes it susceptible to banking malware. After BankBot has been downloaded, it asks for administrative rights, as in any Play Store download. If permission is given, it can now take over the phone’s system.
When the user opens any of the 425 banking apps which have been previously configured, BankBot displays a page that will prompt the user to enter banking information and personal details which will then be sent to fraudsters.
Fortunately, Google was already able to remove these apps from the Play Store. But just the same, users are reminded to always be wary of malware attacks and are advised to install antivirus apps.
Meanwhile, the latest Google Play Store version 126.96.36.199 is already available for download and it comes with new fixes.