Android users face a threat to be faced as cyber-thieves attempt a new deceptive way to steal personal data including full access to banking services.
This latter threat is particularly frightening because it uses a relatively new tactic to hack devices and fill them with malware to steal money. As most Android users are aware, Google has strict rules about what apps it allows on its Play Store with programs immediately blocked if they are found to be violating instructions or contain any form of malicious code.
Internet thieves are clearly aware of this and have now come up with a new way to install their viruses on Android devices. And as the ThreatFabric team discovered, hackers are now uploading apps to the Play Store, which adhere to all of Google’s rules and don’t contain any malicious code.
However, once installed, a message pops up on the screen warning that the app needs a dynamic update. Instead of this upgrade coming via the official Play Store, phone owners are taken to third-party websites where the malware is then deposited directly onto the device.
With this so-called “dropper” tactic, Google is unlikely to detect or remove fake apps from its Play Store.
To make matters worse, the latest set of dangerous apps have been found to install Sharkbot and Vultur on phones, with full power to steal bank details. Once this data is in the hands of hackers, it can be used to steal funds and conduct transactions without the owner’s permission.
