Malicious Apps on Google Play Steal Bank Credentials

Forum Moderators: open

Message Too Old, No Replies

Malicious Apps on Google Play Steal Bank Credentials

engine

11:26 am on Nov 30, 2021 (gmt 0)

Google Play still contains apps which appear to be malicious and, according to researchers, were downloaded 300,000 times before eventually being discovered as stealing banking credentials.

The apps—posing as QR scanners, PDF scanners, and cryptocurrency wallets—belonged to four separate Android malware families that were distributed over four months. They used several tricks to sidestep restrictions that Google has devised in an attempt to rein in the unending distribution of fraudulent apps in its official marketplace. Those limitations include restricting the use of accessibility services for sight-impaired users to prevent the automatic installation of apps without user consent.

[arstechnica.com...]

graeme_p

1:41 pm on Dec 1, 2021 (gmt 0)

This is why I do not like banking apps (or banking from a phone).

engine

3:23 pm on Dec 1, 2021 (gmt 0)

This is why I do not like banking apps (or banking from a phone).

Some banks are pushing hard for this to be the favoured mode. I agree with you, it's not as safe as it should be.

Sneaky app developers seem to be able to bypass the added security proclaimed by the Google Play store. [support.google.com...]

not2easy

4:29 pm on Dec 1, 2021 (gmt 0)

Yes, places I do business with are pushing hard to "take advantage of the simplicity and convenience" while consumers are not up to speed yet. Banks will eventually figure it out that just because something is possible, does not make it a good idea.