First it was Apple…

Now it’s Android…

Cloud security vendor Zscaler says customers of Google’s Play Store have downloaded more than 19 million instances of malware-laden apps that evaded the web giant’s security scans.

Zscaler’s ThreatLabz spotted and reported 77 apps containing malware, many of them purporting to be utilities or personalization tools.

Many contained an updated version of the Anatsa banking trojan, malware that first appeared in 2020. The latest build includes a keylogger for password collection, SMS interception capabilities, and anti-detection tools. Zscaler thinks it’s being used to target 831 financial institutions globally, including both crypto exchanges and regular banks.

Full article, HERE from The Register h/t Borepatch!

Ouch… and all this stuff is getting by Google’s vaunted ‘malware detector’…

If I were you, I’d be careful of what apps I downloaded.

Just sayin…

Comments

First it was Apple… — 5 Comments

  1. Some of this is from a group of state actors: North Korea, China, Russia, and perhaps Iran as well.

    There’s another class of “bad actor” though that is much quieter and you can’t detect it until you’ve been burned. It might also be backed by the aforementioned four state actors, but often is just an independent person or group.

    Say you’ve got a fellow who has a great application in one or more of the app-stores. It’s popular, he’s a good maintainer/owner and releases fixes pretty regularly along with the biggest new features people seem to want. Years pass, and a LOT of people come to depend on this thing he’s created.

    He gets approached by someone or some cut-out company offering a substantial amount for his project. It’s enough that he seriously considers it but decides he wants to continue to maintain it himself and turns them down. They counter-offer with a much larger sum. “I’d be a fool to turn down this much money,” he thinks to himself and tentatively agrees.

    Then they tell him, “There’s a few conditions. First, you can’t talk about the sale, to anyone. Second, you hand over your email account and your account to maintain the software to us, lock, stock and barrel, including any secret key or device used to generate a multi-factor login code.”

    Some of them still agree to this because we’re now talking about a LOT of money.

    And then, as of some release down the road, the malware gets snuck in, and the entire user-base gets burned when they update. And they had no idea it was coming because there was no visible change-of-ownership on the application, which also makes it much more difficult for the app-store to detect, too.

    We’re all just one update away from being burned. Have backups, and don’t keep sensitive, confidential, or secure information on devices where this could happen easily.

  2. You should consider carefully before installing any app, on any phone or computer.
    I use web pages as much as possible in place of apps and the only apps I use are major well known ones.

    I still assume it’s only a matter of time before I’m hit – that’s why I don’t have online access set up for my major accounts, only the smaller day to day ones. It would suck for them to get hit, but the big ones would be catastrophic.

  3. Sometimes I rejoice in being a Latter Day Luddite. I don’t use any apps on my phone except Google Maps. On my home computers I use very few apps. Old clunker running Windows 7 I have nearly all AVG’s products. On the new whizbang Windows 11 I have Aura. No disrespect to you computer literate masters; all the available tools don’t interest me.

  4. Long ago I decided to put exactly zero apps on my phone that have anything to do with money.

    Amazon, Banks, Zelle, Nothing.

    That’s after I saw a video of a guy accessing somebody else’s phone just by getting close to it.

    Never will I ever do that.

    I have a tablet and desktop and laptop that I can do financials on.