The Hacker News recently reported that a team of researchers from several security firms uncovered new malware campaigns targeting Google Play Store users, with one spreading a new version of BankBot, a persistent family of banking Trojan apps that imitates real banking apps in efforts to steal users’ login details. The report noted that BankBot is designed to display fake overlays on legitimate apps from major banks around the world, including Citibank, WellsFargo, and Chase, to steal sensitive information, including logins and credit card details.
With its primary purpose of displaying fake overlays, BankBot has the ability to perform a broad range of tasks, such as sending and intercepting SMS messages, making calls, tracking infected devices, and stealing contacts.
“According to an analysis the latest variant of BankBot has been hiding in Android apps that pose as supposedly trustworthy, innocent-looking flashlight apps.
After tricking victims into downloading them, the malicious apps check for the applications that are installed on the infected device against a hard-coded, list of 160 mobile apps.
According to the researchers, this list includes apps from Wells Fargo and Chase in the U.S., Credit Agricole in France, Santander in Spain, Commerzbank in Germany and many other financial institutions from around the world.”
If you would like a free brand report to see how your intellectual property is being presented in these marketplaces, and to learn how we can help protect your brands, please drop us a note.