17 Innocent-Looking Android Apps Steal Banking Credentials – Remove Them Before You’re Next

Your bank details are not secure, according to Trend Micro (opens in a new tab) research, especially if you have one of the malware-infested apps they discovered in their cybersecurity report. These Google Play Store apps look harmless, but they are injected with banking trojans and behind users’ backs, they collect sensitive information including banking details, passwords, emails, text messages, etc.

Trend Micro investigators dubbed this malware campaign “DawDropper”. Fortunately, apps containing Trojans have been removed from the Google Play Store, but this does not automatically remove them from users’ phones. Check out the following 17 blacklisted apps and make sure they are not on your device.


Apps DawDropper Google Play Store (Image credit: Trend Micro)

Interestingly, many infected apps posed as “cleaners”, photo and video editors, QR code and document scanners, VPNs and call recorders. DawDropper campaign apps were caught installing four types of banking Trojan variants, including Octo, Hydra, Ermac, and TeaBot.

To shed light on the mind-blowing capabilities of DawDropper, Trend Micro took a look at how the Octo banking trojan works. Once it is successfully installed on the victim’s phone and obtains core permissions, Octo keeps the device awake and registers a scheduled service to upload sensitive information to the cybercriminal’s server.

“It also uses Virtual Network Computing (VNC) to record a user’s screen, including sensitive information such as banking credentials, email addresses and passwords, and PIN codes,” the researchers said. To make matters worse, Octo blackens out the victim’s device by turning off its backlight. It also mute the phone to hide malicious behavior. Ouch!

How to protect against future DawDropper malware campaigns? Trend Micro advises Android users to check app reviews before downloading; users usually express concerns and complaints about malware-infested apps. Be sure to research app developers and publishers; Avoid installing apps from unknown sources.

About Cedric Lloyd

Check Also

Dark High Speed ​​Action “Tokyo Underground Killer” Announced For 2023

Phoenix Game Productions has announced the production of its first new original title, Tokyo Underground …