Android is one of the most used operating systems in the world. It has tons of customisation options and has an open-source structure in its DNA. This somehow goes against privacy and raises concerns over security. Researchers have released a list of eight dangerous apps that can be a huge risk to your privacy.
According to Check Point Research, “Clast82” a malware dropper was transmitting from eight malicious apps. The strange thing about this dropper is that it is custom-designed to deliver financial malware. The Google Play Protect can’t trace the dropper.
The dropper installs AlienBot Banker, a variant of malware that remotely injects malicious code into certain financial applications. The Clast82 does not stop there, it also installs MRAT, a program that allows third parties remote access to your mobile. These two programs together can take over your mobile and hijack the banking apps, bypassing the two-factor authentication (2FA) codes and in no time, can steal your financial data. “Upon taking command of a device, the attacker can manipulate certain functions, just as if they were holding the device physically, like installing a new application on the device, or even control it with TeamViewer,” researchers said.
The researchers have released a list of eight apps from the Google Play Store that can access your bank account and even bypass the two-step authentication. We suggest all the users kindly go through the apps from this article and make clear that you do not install these apps on your smartphone.
- Pacific VPN (com.protectvpn.freeapp)
- Cake VPN (com.lazycoder.cakevpns)
- eVPN (com.abcd.evpnfree)
- Music Player (com.revosleap.samplemusicplayers)
- BeatPlayer (com.crrl.beatplayers)
- QR/Barcode Scanner MAX (com.bezrukd.qrcodebarcode)
- QRecorder (com.record.callvoicerecorder)
- Tooltipnatorlibrary (com.mistergrizzlys.docscanpro)
We recommend users to do not install these apps. In action, you have any of these apps installed on your Android device, quickly uninstall the app right now.