Watch out, Android fans this banking malware threat is masquerading as a Google Play update
Date:
Wed, 29 May 2024 12:08:09 +0000
Description:
A new malware strain is posing as a Google Play Store update, and it could steal your passwords and banking logins.
FULL STORY ======================================================================
Its good mobile security practice to keep your devices regularly updated, but a new piece of Android malware suggests doing that could in fact lead to disaster. Thats because hackers have launched a devious new trojan that masquerades as an official Google Play update.
First discovered by cybersecurity company Cyble (via Toms Guide ), the
malware has the power to completely take over your phone. Dubbed Antidot, it can harvest your text messages, log which keys you press, and control things like your camera and screen lock. That means its an incredibly powerful
weapon in the wrong hands, with the ability to track your passwords and banking logins and thereby gain access to a tremendous trove of personal
data.
Its thought that youll first encounter Antidot through phishing messages that claim to be from Google and tell you to update Google Play. If you follow the link in the message, youre led to a convincing-looking website that offers up a malicious download package, which in turn installs Antidot. As you might have realized, this means the download needs to be sideloaded rather than coming from the legitimate Google Play Store itself, which should immediately ring alarm bells.
Cybles researchers noticed that Antidot can display pages in several
different languages, suggesting that it can quickly be tailored for victims
in different regions. That implies a level of sophistication beyond that possessed by simple amateur hackers. How to stay safe (Image credit: Shutterstock / rafapress)
This hacking campaign serves to highlight the risks of installing anything from a suspicious location. The Google Play app can be updated from within
the app itself, so Google would never recommend you install an update from a web page or other location even if the page is carefully designed to look like the companys official website.
For simplicity, you can enable automatic app updates on Android by opening
the Google Play Store app, tapping your profile icon in the top-right corner, then selecting Settings > Network preferences > Auto-update apps. Now choose to either update over Wi-Fi or any network. This should ensure everything is kept up to date, rendering suspicious update texts and emails completely
moot.
It would also be a good idea to install one of the best Android antivirus
apps on your device. It only takes one slip-up for a bad actor to trick you, but an antivirus app can act as another line of defense to stop malware in
its tracks. Theres also Google Play Protect , which scans apps downloaded
from outside the Play Store.
Throw in a healthy dose of common sense and you should be able to steer clear of trojans like Antidot and keep your Android device safe from harm. You
might also like The best Android antivirus apps for 2024 Google Play Protect is upping its game by scanning apps in real-time Our phones are under threat more than ever but many of us still don't have mobile security protection
======================================================================
Link to news story:
https://www.techradar.com/phones/watch-out-android-fans-this-banking-malware-t hreat-is-masquerading-as-a-google-play-update
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)