Recently, it has come to light that a fake app named Kaspersky Free Antivirus has been spreading Trojan while masquerading as the popular app Kaspersky Internet Security. Unfortunately, this is not the only app out there trying to spread malware via such tactics.
Many third-party apps are trying to impersonate popular apps to infect your phones and get your passwords. Some impersonated apps include TeaTV, VLC MediaPlayer, Mobdro, DHL, UPS, and bpost. Popular banking apps such as Bankia Wallet, BankinterMovil, BBVA Spain, Bankia, Openbank, Cajasur, and Ibercaja are also affected by this.
These apps require several permissions to install, including accessibility services that allow them to perform keylogging and steal Google Authenticator codes. This high-level permission allows the hackers to fully remote control the infected Android devices.
“TeaBot and other Android-based trojans have the potential of stealing user credentials and wreaking havoc with account takeover fraud and identity theft within the banking system,” says Rajiv Pimplaskar, CRO, Veridium. “While currently, these Trojans appear to be localized within certain European countries, for the time being, such attacks can quickly spread regionally and across the globe.”
How to identify and save yourself from these trojan apps?
Available from third-party marketplaces, these apps require you to allow your device to download software from unknown sources.
While there is nothing wrong with downloading apps that way, there’s no telling which application might have some malware hidden.
Additionally, these apps require permissions such as accessibility services, read phonebooks, read phone states, use device biometrics, modify audio settings, display popups over other apps, and delete other applications. So users must think twice before giving away these permissions to a third-party app.
VLC media player is one of the most downloaded apps spreading at least 92% of the malware. Another trojan named Flubot (also known as Cabassous) is also plaguing these apps, attacking users by sending spam messages.
Currently, the only way to identify these trojans is to get antivirus software for your device. This will help you detect the trojan files early and help you get rid of this software. Here is a list of the best free Android antivirus apps to keep your device secure.