Android is one of the most used operating systems in the world. It has tons of customisation options and has an open-source structure in its DNA. This somehow goes against privacy and raises concerns over security. Researchers have released a list of eight dangerous apps that can be a huge risk to your privacy.
According to Check Point Research, “Clast82” a malware dropper was transmitting from eight malicious apps. The strange thing about this dropper is that it is custom-designed to deliver financial malware. The Google Play Protect can’t trace the dropper.
The dropper installs AlienBot Banker, a variant of malware that remotely injects malicious code into certain financial applications. The Clast82 does not stop there, it also installs MRAT, a program that allows third parties remote access to your mobile. These two programs together can take over your mobile and hijack the banking apps, bypassing the two-factor authentication (2FA) codes and in no time, can steal your financial data. “Upon taking command of a device, the attacker can manipulate certain functions, just as if they were holding the device physically, like installing a new application on the device, or even control it with TeamViewer,” researchers said.
The researchers have released a list of eight apps from the Google Play Store that can access your bank account and even bypass the two-step authentication. We suggest all the users kindly go through the apps from this article and make clear that you do not install these apps on your smartphone.
- Pacific VPN (com.protectvpn.freeapp)
- Cake VPN (com.lazycoder.cakevpns)
- eVPN (com.abcd.evpnfree)
- Music Player (com.revosleap.samplemusicplayers)
- BeatPlayer (com.crrl.beatplayers)
- QR/Barcode Scanner MAX (com.bezrukd.qrcodebarcode)
- QRecorder (com.record.callvoicerecorder)
- Tooltipnatorlibrary (com.mistergrizzlys.docscanpro)
We recommend users to do not install these apps. In action, you have any of these apps installed on your Android device, quickly uninstall the app right now.
Leave a Reply