Investigators issued a stern warning to Android device owners on Tuesday about the discovery of eight dangerous apps in the Google Play Store that could allow an attacker to take over a victim’s smartphone and tap into their bank account.
This is according to Check Point Research, which said in its report on the discovery that the cyber threat company found the apps on January 27 and notified Google the next day. A month ago, Google confirmed that they had been removed from the Play Store, but if you have any of them installed, you will still need to remove them from your device. So, what exactly happened here? Read on for the details, as well as the names of all eight identified Android apps.
The Check Point researchers explained that what they discovered was a malware dropper called ‘Clast82’, which spread via the eight apps. What is notable about it is that the dropper was able to avoid being caught by Google Play Protect, and that it also carries a remote access Trojan so nasty that one of the researchers told Forbes it allows the attacker to “take full control of a victim’s phone – it makes the hacker physically hold the phone.”
According to Check Point’s findings, this particular dropper appears to prefer the AlienBot Malware-as-a-Service (MaaS), which allows an attacker to remotely inject malicious code into legitimate financial applications on Android devices. “The attacker gains access to the victims’ accounts and eventually controls their device completely,” the researchers explained. “When controlling a device, the attacker has the ability to control certain functions, just as if they were physically holding the device, such as installing a new application on the device, or even controlling it with TeamViewer.”
According to Check Point Research, the eight applications involved, together with their package names, are as follows:
- Cake VPN (com.lazycoder.cakevpns)
- Pacific VPN (com.protectvpn.freeapp)
- eVPN (com.abcd.evpnfree)
- BeatPlayer (com.crrl.beatplayers)
- QR / Barcode Scanner MAX (com.bezrukd.qrcodebarcode)
- Music player (com.revosleap.samplemusicplayers)
- tooltipnatorlibrary (com.mistergrizzlys.docscanpro)
- QR Recorder (com.record.callvoicerecorder)
You should uninstall any of these apps immediately if you find them on your device. It would probably also be a good idea to change passwords associated with your financial accounts, as accessing them is one of the concerns.
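One way to run that check from a computer rather than by scrolling through the app drawer, as an added example that is not from Check Point or the original article: it matches the output of `adb shell pm list packages` against the eight package names listed above. The sample output, including the near-miss package name, is constructed for illustration.

```python
import subprocess
import sys

# Package names exactly as listed in the article above.
FLAGGED = {
    "com.lazycoder.cakevpns": "Cake VPN",
    "com.protectvpn.freeapp": "Pacific VPN",
    "com.abcd.evpnfree": "eVPN",
    "com.crrl.beatplayers": "BeatPlayer",
    "com.bezrukd.qrcodebarcode": "QR / Barcode Scanner MAX",
    "com.revosleap.samplemusicplayers": "Music player",
    "com.mistergrizzlys.docscanpro": "tooltipnatorlibrary",
    "com.record.callvoicerecorder": "QR Recorder",
}

# Constructed sample of `pm list packages` output (plain and -f forms, CRLF endings).
SAMPLE = (
    "package:com.android.settings\r\n"
    "package:com.lazycoder.cakevpns\r\n"
    "package:/data/app/~~Qx1==/com.crrl.beatplayers-Zk2==/base.apk=com.crrl.beatplayers\r\n"
    "package:com.abcd.evpnfree.pro\r\n"  # constructed near-miss, must not match
)


def installed_packages(pm_output):
    """Return the set of package names in `pm list packages` output."""
    names = set()
    for line in pm_output.splitlines():
        line = line.strip()
        if line.startswith("package:"):
            # With -f the entry is "<apk path>=<name>" and the path can contain '='.
            names.add(line[len("package:"):].rsplit("=", 1)[-1])
    return names


def find_flagged(pm_output):
    """Map each flagged package present on the device to its store name."""
    present = installed_packages(pm_output) & FLAGGED.keys()
    return {pkg: FLAGGED[pkg] for pkg in sorted(present)}


if __name__ == "__main__":
    if "--adb" in sys.argv:  # query the connected device instead of the sample
        out = subprocess.run(["adb", "shell", "pm", "list", "packages"],
                             capture_output=True, text=True, check=True).stdout
    else:
        out = SAMPLE
    for pkg, name in find_flagged(out).items():
        print(f"FLAGGED: {name} ({pkg})")
```

Matching on the exact package name rather than the display name matters because an app's label can be anything, and a substring match would wrongly flag unrelated packages that share a prefix.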
While hackers can be very clever and creative in the lengths they go to in hiding the intentions and true nature of their apps, this is another opportunity for a reminder that you should always check the apps you are preparing to download and the identity of the developers behind them. This does not appear to be a situation where the apps above were able to infect millions of devices before researchers caught them, this time. But hackers who are truly dedicated will keep coming back, unabated, until they succeed.