Android users beware of another malware scheme targeting smartphone users, which directs them to a fake clone of the Google Play Store.
The new malware scheme forces its targets to download a banking app from a replica of the Google app marketplace to loot their savings account.
New Android Malware and Fake Google Play Store
As per the news story by Tech Radar, threat actors have gone the extra mile to develop a direct copy of the legitimate Google Play Store page to install a malicious clone of a bank app in Brazil.
The researchers from the cybersecurity firm, Cyble, discovered and reported the latest malware campaign on Android.
The findings of Cyble further exposed that unknown cybercriminals are targeting millions of Itau Unibanco customers in Brazil with clones of both the Play Store and its mobile banking app.
Fake Google Play Store
It turns out that the cyberhackers have developed a fake Google Play Store, which TechRadar noted in the same report looks exactly the same as the real version of the app marketplace of the tech giant.
However, the most alarming red flag of the Play Store clone is found after its users click the Download button from the interface of the fake page.
When the victim of the fake Google Play Store downloads an app from it, it downloads an APK installer of the app.
On the other hand, the legit app marketplace of Google never actually provides its users a copy of the APK installer of the app. Instead, tapping on the Download button should have prompted the smartphone to directly install the app on the mobile device.
As such, the cybersecurity experts highlighted the download of an APK as the most significant red flag found on the fake Play Store.
Fake Play Store and Malware Banking App
According to the report by The Hacker News, the fake app marketplace directs its victims to download a malicious banking app, which carries malware in it.
On top of the malware banking app, the malicious Google Play Store clone also claims that the impostor app has garnered a whopping 1.8 million downloads, making the scheme a little bit more legit in the eyes of its targets.
Banking App Malware: How it Works
Although the malware-laced banking app does not ask for too many permissions, which prevents it from triggering virus scanning platforms, its accessibility services allow hackers to carry out the attacks.
The permissions that the malicious app is asking for includes swiping gestures, performing taps, and retrieving window content on the smartphone of the victim.
All of these allow the hackers to empty the bank accounts of their victims.
Leave a Reply