Beware if you recently have installed any funny video application from Google Play Store as it may contain android banking Trojan.
Most of the people love to watch funny videos online in their free time.Are you one of them? Do you love to watch funny videos online??
If your answer is in yes, then there is a bad news for you. A security researcher has find a android banking Trojan hiding in apps with different names on Google Play Store example: Funny videos, Funny videos 2017 etc. Below is the image for example.
This banking trojan behaves like any other video application so that you will not categories it as suspicious. While in background, it target victims from banks around the world. This banking trojan application is somehow different from any other banking malware in two perspective.
- It’s capability of targeting victims
- It uses DexProtector, a tool to heavily obfuscate APKs
Targeting over 420 bank apps worldwide
Researcher deobfuscated the application by doing some workaround and finding key from similar applications. Result of deobfuscated data contains a list of all targeted applications. The list was surprisingly more extensive than expected.
Till Google decided to take the app out from Google Play Store, there were more than 5000 downloads. The figure is small for normal application but very large for any malware. The list of deobfucated data contained ABN, Rabobank, ASN, Regiobank, and Binck as targeted application. You can find the full list here.
How to secure yourself?
Security is important for all users. We are sharing some tips for our users so that they will not be the next victim of such malware:
- It will be great to have an anti-virus in your system(Mobile or PC)
- Make sure the application you are downloaded is from trusted source only i.e, Google Play or Apple App Store. Additionally if you are using application shared by your friend(by using shareit etc), verify it’s trustpoint on trusted store
- Make sure, application you are downloaded from store should have huge number of downloads(at-least more than 50k)
- Never click on link shared in sms, mms, whatsapp, facebook etc until you trust on that link( Normally, virus comes in form of promotional offers such as get free 100 RS talk time etc)
- Do not give administrative rights to any application, until you know what the application is about and why it need administrative rights
Usually, applications containing trojan, malware, virus etc asks for administrative rights. Once you granted them, they take control from you. Just understand that admin rights are powerful and you can lose the access if it is in bad hands.
Have something to add in Android banking Trojan hiding in apps?? Please share in comments.
Follow us on Facebook, Google Plus and Twitter.