Thursday, March 28, 2024

Many New Apps Injected with Banking Malware found in Google Play Store

[jpshare]Security researcher Niels Croese found much new banking malware on Google Play, which has numerous new banking application focuses in its configurations.

Taking a look at the names of the exercises and other manifest items it appeared like an ordinary application with embedded malware.

Apparently, the app was updated recently (April 8, 2017) and this was most likely when the malware was added. I reported the app through their reporting system but at the time of writing it is still available on Google Play. Researcher told.

He found the sample application Funny Videos 2017 with Bankpot rules tagged with DexProtector(secure your Android applications and Android libraries (AARs) against unauthorized or illegal use).

Nowadays with social Engineering techniques, Fraudsters used to make people believe it is from trusted source and to steal their credentials.

New apps Injected with Banking malware found in Google Play Store

As should be obvious it appears to have 1k to 5k introduces, which isn’t much for a typical application, however a considerable amount of malware.

Malware App Targets

Since the DexProtector obfuscated APK takes more time to deobfuscate and most malware doesn’t update rapidly.

Later they chose to get a current BankBot test that wasn’t jumbled this intensely to get the deobfuscation schedule.They cleaned up the deobfuscation routine from the sample a bit and ended up with the source code.

By looking at the source Java code and running the program bringing about the deobfuscated information containing a rundown of all applications that are focussed.

The list consist of more banks than they expected contained some new Dutch targets including ABN, Rabobank, ASN, Regiobank, and Binck. A full list can be found on authors page.

Common Defences

  • Maintain the CIA cycle.
  • Don’t install the app from Untrusted source.
  • While installing careful check for App permissions.
  • Do have a Mobile security App.

Also Read

Website

Latest articles

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles