Delete these five apps now from your Android phone before your bank account is threatened
Unlike malicious apps that are dripping with malware making it harder to get listed in the Google Play Store (but not impossible, unfortunately), malware droppers look and act like your garden-variety apps. But when these apps notify users that an update is ready, what is really being installed is malware running in the background scooping up your banking information and other personal data.
Banking Trojans act like legit apps until you tap on the Update button
Fake Play Store listing asks you to update this malware dropper which actually installs a banking Trojan
Nonetheless, the report mentions that this new banking Trojan is called Sharkbot and one malware dropper purported to be an app to help users calculate their taxes in Italy. With over 10,000 installs, “Codice Fiscale” has an innocent-looking listing in the Play Store. If opened on a device, the app checks the country where the handset’s SIM is registered. If it didn’t match the code for Italy, no malicious behavior would take place.
Another banking Trojan, this one called Vultur, has been disseminated by three malware droppers also found in the Play Store: “Recover Audio, Images & Videos,” “Zetter Authentication” and “My Finances Tracker.” The first app listed has over 100,000 installs. Vultur keeps track of all taps and gestures made by an Android user on his/her phone. Similar to Sharkbot, this ploy uses a fake update to load the malware on a handset.
Uninstall these five apps if they have been installed on your Android phone
To combat these malware droppers, normally we’d suggest checking the comments section for red flags. However, attackers have been known to load up the comments section with fake reviews. And after the initial installation of one of these apps, you might see a fake Google Play Store listing with phony reviews in an attempt to get you to tap the update button. The victim himself is inadvertently causing the malware to load on his own phone.
ThreatFabric says that it always reports malware droppers in an attempt to have them removed from app stores. But just because an app is removed from an app store doesn’t mean it has been removed from your phone. So if you have one of these installed on your device, uninstall it immediately:
- Recover Audio, Images & Videos – 100,000 downloads
- Codice Fiscale 2022 – 10,000 downloads
- Zetter Authentication – 10,000 downloads
- File Manager Small, Lite – 1,000 downloads
- My Finances Tracker – 1,000 downloads