Cybercriminals injected malicious code into 17 apps Play Storeshop GoogleA fact that puts users on alert.

These infected applications can be installed and, in turn, integrate the system with so-called “cold dropper”, which consists of remotely downloading malicious banking trojan codes to users’ devices. These viruses were targeted stealing information linked to the victims’ bank accounts.

According to a report by the security company Trend Micro Incorporated, which warned of this situation, in the end 2021 yearA malicious campaign was discovered that claimed to use DawDropper to bypass Play Store security and infect various apps Android.

Platforms identified and removed are Just In: Video Motion, Document Scanner Pro, Conquer Darkness, Simpli Cleaner, Unicc QR Scanner, Call Recorder, Call Recorder pro +, Rooster VPN, Super Cleaner, Universal Saver Pro, Eagle Photo Editing, Extra Cleaner, Crypto Utils, Fix Cleaner, Lucky Cleaner,

The procedure was done through a third-party cloud service to avoid to reveal and get the payload download address.

Information published in a report titled “Exploring the New DawDropper Banking Dropper and DaaS dark web“, is believed to identify a set of compromised apps and is currently no longer available in the Play Store Google.

Although the purpose of the banking drip method is to spread and install viruses on the devices of its victims, there are many ways to achieve its goal.

According to the security firm’s observations, DawDropper has variants that produce four types of banking Trojans: Octo, Hydra, Ermac and TeaBot. They use a database owned by Google to avoid detection.

As additional programming, the virus had the ability to disable itself Google Play Protectwhich is responsible for scanning device applications and verifying that they do not contain malicious data, in addition to collecting user data such as identification Android Infected smartphones, contact lists, installed apps and even text messages.

How to avoid becoming a victim of cybercrimes

Cybercriminals are constantly finding ways to avoid detection and infect as many as possible. devices as possible. Over the past half year, we’ve seen how banking Trojans have evolved to avoid detection and hide malicious payloads in drops.

As there are more Banking Trojans Available, malicious actors will have an easier way to spread malware in disguise applications legitimate.

As this trend will continue and more banking trojans will spread in the future, it is imperative that users consider these recommendations and security practices to avoid becoming victims of criminals.

In addition to those already mentioned, users can use other solutions that allow scanning mobile devices in real-time and, if it detects other malicious or malware-laden apps, block or remove them from the store.

Continue reading: