Posing as a currency converter app, it targets users in Spain and was downloaded more than 10,000 times
In the last few days, our Mobile Threat Labs team at Avast discovered a Cerberus banking Trojan on Google Play that was targeting Android users in Spain. As is common with banking malware, Cerberus, disguised itself as a genuine app in order to access the banking details of unsuspecting users. What’s not so common is that a banking Trojan managed to sneak onto the Google Play Store. The ‘genuine’ app in this case, posed as a Spanish currency converter called “Calculadora de Moneda”. According to our research, hid its malicious intentions for the first few weeks while being available on the store. This was possibly to stealthily acquire users before starting any malicious activities, which could have grabbed the attention of malware researchers or Google’s Play Protect team. As a result, the app has been downloaded more than 10,000 times so far. We reported it to Google, so they can quickly remove it. Banking Trojan apps operate in a stealth manner in order to gain the trust of users and steal their banking data. There are a number of stages to this process. The first stage involves delivering an app, which usually appears to act normally and perhaps even offers some degree of useful functionality to users who have downloaded it. This is to gain their trust and to ensure they are comfortable keeping the app on their phones. At this point, the 'Calculadora de Moneda' app did not steal any data or cause any harm. From the research that Threat Labs has carried out, this is exactly what ..
Support the originator by clicking the read the rest link below.
