Researchers have recently discovered popular Android apps on Google Play contain malicious trojans that might’ve got your bank details and credentials. Ars Technica reported that these apps got 2FA codes and credentials and also logged keystrokes and took screenshots.
The scariest part is that the apps were disguised as regular apps that most people frequently use, like PDF scanners, QR scanners, and even Crypto Wallets.
Here’s the list of apps that you should delete right now:
- Two Factor Authenticator (com.flowdivision)
- Protection Guard (com.protectionguard.app)
- QR CreatorScanner (com.ready.qrscanner.mix)
- Master Scanner Live (com.multiffuctuon.combine.qr)
- QR Scanner 2021 (com.qr.code.generate)
- QR Scanner (com.qr.barqr.scangen)
- PDF Document Scanner – Scan to PDF (com.xaviermuches.docsscannerpro2)
- PDF Document Scanner (com.docscanverifier.mobile)
- PDF Document Scanner Free (com.doscanner.mobile)
- CryptoTracker (Cryptolistapp.app.com.cryptotracker)
- Gym and Fitness Trainer (com.gym.trainer.jeux)
- Gym and Firness Trainer (com.gym.trainer.jeux)
The researchers said in a post, “What makes these Google Play distribution campaigns very difficult to detect from automation (sandbox) and machine learning perspective is that dropper apps all have a tiny malicious footprint. This small footprint is a (direct) consequence of the permission restrictions enforced by Google Play.”