Banking Trojan BankBot Laced to Applications from Play Store

According to a warning to Android users, they should not download 2 apps found inside Google's authorized mobile marketplace Play Store because they're laced with malware capable of abusing genuine 'accessibility services' followed with draining bank accounts.

During the current week, 2 cyber security companies namely SfyLabs and Zscaler published the 2 apps' thorough analysis, the applications called 'Bubble Shooter Wild Life' and 'Earn Real Money Gift Cards.'

The applications in reality have been made to install BankBot name of a banking malware. Securify's co-founder Han Sahin told El Reg that the malicious software merely started acting at the time its controllers moved towards installing the actual Trojan onto people's devices even as it circumvented 'Bouncer,' the malware scanner used internally of Google.

The applications as well exploit the accessibility permissions of Android for downloading more malware devoid of the user knowing about it. Theregister.co.uk posted this, August 23, 2017.

First to notice the infected applications were SfyLabs' security researchers and after sometime Zscaler's researchers. The two companies individually informed Google. The applications in discussion continue to be on Google's Store, though with an installation count of not even 5,000 downloads. One phony 'Terms and Conditions' web-page is visible from the apps which imitates one Google version, yet making the illusory genuineness greater. In reality, it's just one click for the crooks to gain control.

BankBot tries fooling the victim in a way that he would enable certain option on Android which allows content installation from unfamiliar places. In Zscaler's opinion, the accessibility service exploitation for installing additional malicious software is "unique."

Both apps 'Bubble Shooter Wild Life' and 'Earn Real Money Gift Cards' have been only lately uploaded to Play Store while the number of times they've been obtained is less than 5,000. Despite that a few commentators on Play Store looked at the apps with suspicion. Eventually during late July, one of them stated "Malware detected."

Android users have been urged towards downloading applications solely from genuine places, staying watchful when any app seeks consents while not to ever feed in their private pass phrases into dubious services.

» SPAMfighter News - 8/29/2017