Hackers mimic popular Android antivirus to infect devices with malware

admin

A new series of malicious Android applications has been identified, all of which appropriate familiar branding to lull potential victims into a false sense of security.

According to researchers at security firm Bitdefender, cybercriminals are distributing malware-rigged versions of various popular apps, including media player VLC, Kaspersky antivirus, and applications from FedEx and DHL.

Once installed, the fraudulent apps infect devices with either Teabot or Flubot, a pair of nasty banking trojans first discovered earlier this year.

The former strain is reportedly capable of intercepting messages and Google Authentication codes, logging keystrokes, performing overlay attacks and, in some cases, seizing full control of the infected device.

Flubot is not quite as complex, but is still equipped with the tools to lift banking credentials, messages and other types of private data from the device. The malware also displays “worm-like behavior”, spreading itself via malicious SMS messages sent out from infected devices.

Fake Android apps

Although malicious applications have been known to make their way onto Google Play Store from time to time, the majority of threats can be avoided by downloading content from reputable sources only.

That is certainly true of the threats discovered by Bitdefender, which are not hosted on Google Play and can only make their way onto an Android device via sideloading.

“Spreading malware on Android devices is not easy, as the official store can usually prevent a lot of these apps from reaching users,” noted Bitdefender. “But one of Android’s greatest strengths, the ability to sideload apps from non-official sources, is also a weakness.”

“Using a mixture of tricks to persuade users to install apps outside of the official store, criminals spread most of their malware through sideloading.”

In the report, the researchers explain that the malware campaign is not a reflection of the security standards of the original, official apps. Cybercriminals have simply co-opted recognizable branding as a means of social engineering.

At the time of writing, the malware campaign remains active, so Android users are advised to exercise caution when downloading content from non-official sources and to protect their devices with leading security software.

Update:
Kaspersky, whose Android app the campaign operators are mimicking, has since provided the following statement:

“Malware creators commonly disguise their applications as popular official software, including security applications, in order to lure users into installing malicious files. Kaspersky recommends downloading applications from official sources (e.g. official app stores).”
