Six fake Android apps were trying to steal bank details from Santander customers, when they were detected on Brazilian Google Play. A banking trojan was installed along with the app and thus allowed to create a fake user interface over the bank’s service. Because they believed in the security of the environment, people entered personal information, which was then accessed by hackers.
According to the digital security company Avast, the malicious programs used by the criminals promised discounts on flights, restaurants, as well as supposedly revealing visitors to the Instagram profile. They already total six thousand downloads in the official Google store.
CamuBot virus scam uses bank names and makes victims in Brazil
Google Play Store has fake apps with trojan – Photo: Thássius Veloso / dnetc
Want to buy cell phones, TV and other discounted products? Discover Compare dnetc
According to the company’s survey, attacks on banking services accounted for 7.13% of all threats on mobile devices in the third quarter of 2018 – an increase of almost 160% over the previous year. The security company points out that banking Trojan malware spreads through the use of social engineering. It is usually disguised in game apps, flashlights and cleaning on Google Play. Thus, after installation, the program presents a false version of the user’s bank icons, which allows virtual crimes to be carried out.
Criminals use fake apps on Google Play to steal bank passwords – Photo: Playback / Avast
The analysis by Avast’s security and mobile threats leader, Nikolaos Chrysaidos, points to a general behavior of cybercriminals who start investing in smartphones to reach users. «This trend is likely to continue, attributed to a leak of malicious source code on the darknet and to new cybercriminals targeting mobile device users, adding multiple and new banking malware families to this scenario,» he explains.
In February this year, the company conducted a survey of more than 5,000 Brazilians and asked them to compare the authenticity between app interfaces of real and fraudulent banks. Of the total respondents, 68% identified official applications for mobile devices as fake and 30% believed that the criminal layouts were true. «These results are alarming and prove that consumers can easily fall victim to bank Trojans,» concludes the report.
Free download: what are the precautions when downloading? See the dnetc Forum.
How to remove viruses on an Android phone