Cyber fraudsters have discovered a new way to withdraw money from your banking applications. A new research conducted by Check Point Research mentioned 8 of these applications that were available on the Google Play Store, which could pose a great threat to your privacy.
The research suggests that "Clast82" - which is a "dropeper" tool - drops malware inside devices and was spread in 8 applications designed to present malware, and the shocking part about these applications is that the protection program "Google Play Protect" (Google Play Protect) hadn't tracked it before.
Malware hides inside an application, and is only activated after installing the infected applications. After installing an infectious application, the pipette program decompresses itself and installs malware called "AlienBot Banker", which is a variant that specifically injects it. Malicious Code in Financial Applications.
This malware not only infects banking apps, but also allows third parties to access your mobile phone remotely.
After your phone is infected, online attackers can gain full remote access to your device. They can hijack banking applications and install any other application, transfer money from your bank wallet accounts, and intercept two-factor authentication codes.
"When controlling the device, the attacker has the ability to control certain functions, just as if he was physically holding the device, such as installing a new application on the device, or even controlling it using TeamViewer," the researchers said.
Researchers released the names of the eight infectious apps that can empty your bank accounts: Cake VPN, Pacific VPN, eVPN and eVPN. BeatPlayer, QR / Barcode Scanner MAX, Music Player, tooltipnatorlibrary, and QRecorder. The aforementioned applications were installed on your device, so uninstall them immediately.