Fierce BankBot Malware Invades Google Play Store…Again!
By: Jim Stickley and Tina Davis
August 19, 2019
Google Play Store has seen more than its share of malware-infected apps, but this time it’s different. Recently, BankBot Trojan was spotted yet again, hiding among many of Play Store’s 3.5 million apps. Two billion Play Store customers are at risk of buying any one of the reported 132 BankBot-infected apps on Play Store. The financial malware is notorious for imitating banking applications and stealing credentials including payment card and account numbers. It also steals data from Facebook and other apps on a device. Google Play believed they got rid of the Android malware in 2017, but it’s been recently found yet again–hiding in apps and evading Play Store security measures.
It’s not unusual for malware campaigns to debut and then reappear at a later date–improved and fiercer than ever. In 2017, BankBot made its way into cyber headlines as a banking malware to contend with. That year alone, Google Play saw the malware disappear and return at least twice more. Attempts to clear BankBot from Google Play were futile, as the cunning malware bypassed application vetting and security protocols time and again. Two years later, the app store is still having difficulty wiping out BankBot.
There are security measures users can take when downloading any app, and cybersecurity experts warn not to buy an app from other than the official Google Play or Apple’s App Store—also known as sideloading. Downloading apps from a third-party site is a dangerous proposition as they rarely vet apps for malware as closely as Google and Apple do.
Pay very close attention to the permissions apps request before downloading. As annoying as they might be, there’s some very specific requests for access to data and other privileges to think about before agreeing to it–or not. It is extremely unlikely any application needs administrator or full system access to your device or computer, so don’t grant it. This is a dangerous choice.
Also, always research any app before downloading. If there are more negative than positive comments, it’s time to take a pass. Look at how many reviews there are and if there aren’t many and they are all glowing with no bad things to say, it should be a red flag. After all, there is always something to find to complain about when using apps.
Finally, choosing antivirus software for mobile devices is always strongly recommended and should also be thoroughly vetted before installing. App safety measures are something all users need for more successful navigation of our ever-changing cyber landscape.