Hidden at least 17 applications can be bought at Game Store, a new wave of attacks on Android smartphones stole operating system user passwords and banking credentials. This week Google announced that these apps have been removed from the service as part of a security campaign.

According to cybersecurity company TrendMicro, the criminals were also actively selling virus solutions to anyone who wanted to carry out cyberattacks.

A multinational corporation exposed a malicious campaign late last year DawDropper, which used Firebase Realtime Database, a third-party cloud service, to avoid detection and get the download address dynamically. So, under the guise of various Android applications, the attackers used malware to lure victims.

Below are 17 apps that have been removed from the Play Store for stealing passwords and user data.

• Answering machine;
• Call recorder Pro+;
• VPN cock;
• super cleaner;
• Additional cleaner;
• FixCleaner;
• Happy cleaner;
• Simple cleaner;
• document scanner;
• Document Scanner Pro;
• Universal Saver Pro (both versions);
• Unicc QR Scanner;
• Photo editor Eagle;
• Just now: video in motion;
• Defeat darkness;
• Crypto Utilities.

TrendMicro also reports that on closer inspection, the DawDropper campaign has options that eliminate four types of banking Trojans, including octo, hydra, Ermak as well as ChaiBot. Thus, variants use a legitimate NoSQL database hosted in the cloud to store data as a command and control (C&C) server and host malicious payloads on GitHub.

The tool used in the fake apps was able to access several steps, allowing for things like stealing banking information and intercepting text messages. You can view the full report by clicking here.

How to protect yourself from dangerous apps

As with the App Store for iOS devices, the Play Store is still the best place to install apps for smartphones and other devices. However, you need to pay attention to some information in order to prevent the installation of malicious applications that may cause problems in the future. So, ideally, the user pays close attention to some of the steps.

It is extremely important that before installing the application, the user researches the software more and looks for relevant information such as ratings, comments, and download counts.

It’s also good to research the developer of the app. Keeping in mind that all apps located in the Google store show who the developer is. And of course, don’t forget to always update your devices.

Read also: WhatsApp CEO says he won’t let governments access users’ messages.

Source: Trend Micro

…..