The UK appears to be the most vulnerable area for Android users, once again being told that their phones may be at risk from hackers.
A number of popular apps, including one that Google recently banned, have been installing vicious malware that hacks into bank accounts. If you downloaded it from the Play Store, delete it immediately.
Bitdefender’s security team reports that X-File Manager was able to avoid Google’s strict rules by appearing on the Play Store without presenting anything malicious.
The app worked as advertised and nobody would ever know that anything was wrong.
However, once installed onto a device, a pop-up message soon appears on the display warning that the application needs a vital update. Instead of this upgrade coming via the official Play Store, phone owners are taken to third-party websites where malware is then deposited right onto the device.
In the unlikely event that Google will ever discover the dangerous application or remove it from its store, they use this so-called “dropper” technique.
Criminals adopt more stealthy methods and explain more about the threat, Bitdefender said: “The Google Play Store will likely detect a Trojan-Banker uploaded to their repository. In one way, an app can double as a dropper for more insidious malware, sometimes legitimate with some advertised features.”
It’s thought that X-File Manager was downloaded over 10,000 with the majority of installs taking place in the UK.
If you think you may have been duped, you need to remove the app as soon as possible as your phone may be infected with Sharkbot, which could compromise your bank account.
Fully capable of stealing bank details by intercepting data including SMS messages, this malicious malware overlays fake log-in windows. Once this data is in the hands of hackers it can then be used to siphon money and make transactions without the owner’s permission.
“A common theme we’ve noticed in the last few months consists of malicious apps distributed directly from the Google Play Store,” Bitdefender added. “If something comes from an official store, people could be inclined to believe it’s safe. Our research has shown this to be false, many times over.”
It’s a good idea to look for negative comments and check reviews before downloading an app, as this is a guide
You should be cautious about updating the application once it is installed, especially if the application appears to direct you to non-Play Store websites.
