New money-stealing Android apps have been spotted on the Google Play Store. Even though they have been removed since, they may still be installed on your phone. This information comes from security researchers at Trend Micro. We’ve seen such harmful apps a number of times thus far, with different malware attached to them.
Money-stealing Android apps have been spotted, with DawDropper malware
Now, DawDropper malware has been spotted in these apps. There is potential for stealing victims’ banking credentials, passwords, and even PIN numbers. This malware can also intercept text messages, and much more.
Apps like these are usually referred to as ‘dropper apps’. Trend Micro notes that there has been a growing number of banking trojans on Android, and Google Play Store in particular.
You can find a full list of apps in the list below. If you have any of these apps installed on your smartphone, you’re highly advised to remove them as soon as possible. Even though they’re no longer in the Play Store, they may still be on your phone.
- Call Recorder APK (com.caduta.aisevsk)
- Rooster VPN (com.vpntool.androidweb)
- Super Cleaner- hyper & smart (com.j2ca.callrecorder)
- Document Scanner – PDF Creator (com.codeword.docscann)
- Universal Saver Pro (com.virtualapps.universalsaver)
- Eagle photo editor (com.techmediapro.photoediting)
- Call recorder pro+ (com.chestudio.callrecorder)
- Extra Cleaner (com.casualplay.leadbro)
- Crypto Utils (com.utilsmycrypto.mainer)
- FixCleaner (com.cleaner.fixgate)
- Just In: Video Motion (com.olivia.openpuremind)
- com.myunique.sequencestore
- com.flowmysequto.yamer
- com.qaz.universalsaver
- Lucky Cleaner (com.luckyg.cleaner)
- Simpli Cleaner (com.scando.qukscanner)
- Unicc QR Scanner (com.qrdscannerratedx)
Trend Micro says that DawDropper’s malicious payload belongs to the Octo malware family
Trend Micro explains: “DawDropper’s malicious payload belongs to the Octo malware family, which is a modular and multistage malware that is capable of stealing banking information, intercepting text messages, and hijacking infected devices. Octo is also known as Coper, and it has been historically used to target Colombian online banking users”.
We’ve reported on banking trojan apps quite a few times thus far, and regardless of which trojan we’re talking about, it has the potential of causing serious damage. So, before you install apps, be sure to check their rating and reviews. Google is removing such apps fast, those that get through its defenses, but there’s always a chance you’ll install one. Also, you’re advised to be careful when sideloading apps, though it’s safer if you don’t sideload at all.
Source: https://www.androidheadlines.com/2022/08/new-money-stealing-android-apps.html