{"id":34959,"date":"2022-08-04T05:06:52","date_gmt":"2022-08-04T05:06:52","guid":{"rendered":"https:\/\/harchi90.com\/android-warning-for-all-users-17-password-stealing-apps-to-delete-now\/"},"modified":"2022-08-04T05:06:52","modified_gmt":"2022-08-04T05:06:52","slug":"android-warning-for-all-users-17-password-stealing-apps-to-delete-now","status":"publish","type":"post","link":"https:\/\/harchi90.com\/android-warning-for-all-users-17-password-stealing-apps-to-delete-now\/","title":{"rendered":"Android warning for all users \u2013 17 password stealing apps to delete now"},"content":{"rendered":"
\n

ANDROID users have been put on high alert for malware infections that can hijack personal and banking information.<\/p>\n

Hackers have bypassed Google Play Store moderators and are targeting users’ bank accounts.<\/p>\n

\n
<\/p>\n

2<\/span><\/p>\n<\/div>

The Google Play Store has more lax policies than the Apple App Store<\/span><\/figcaption><\/figure>\n
\n
\"The<\/p>\n

2<\/span><\/p>\n<\/div>

The full slate of malicious apps carrying DawDropper<\/span>Credits: Google Play Store<\/span><\/figcaption><\/figure>\n

Cybersecurity analysts at Trend Micro published a blog on 17 apps that were used to bait users into turning over their information.<\/p>\n

In hacking parlance, a “trojan” is a malware program that is dispensed by a “dropper”, which is an app that appears legitimate.<\/p>\n

This flagged malware campaign is called DawDropper and it deploys one of four “banking trojans”.<\/p>\n

One strain of the malware steals personal banking information by recording screen activity and keystrokes.<\/p>\n

\n
\n
\n
\n
\n
\n
\"Android<\/div>\n<\/div>\n<\/div>\n
\n
\n
\"Android<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

This malware payload – called Octo – can also keep the phone awake while working to override permissions and silence any alarms that may notify Google of bad activity.<\/p>\n

The hackers have evidently found an effective way for dodging the Google Play Store’s threat prevention policies.<\/p>\n

The apps are not flagged by the Google Play Store because the malicious script only activates after the app has been downloaded, ZDNet reports.<\/p>\n

The analysts at Trend Micro say they expect trojan droppers to remain in style for hacking campaigns. <\/p>\n

\n
\n
\n
\n

Most read in Phones & gadgets<\/h3>\n<\/section>\n<\/div>\n<\/div>\n<\/div>\n

DawDropper was masked in false apps advertising VPNs, call recorders, and other tools for Android.<\/p>\n

The apps known to be carrying DawDropper malware have been removed from the Google Play Store.<\/p>\n

\n
\n
\n
\n
\n
\n
\"Full<\/div>\n<\/div>\n<\/div>\n
\n
\n
\"American<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

Remember to vet the apps you use before freely downloading.<\/p>\n

If an app has limited reviews or it’s the developer’s only product, then install with extreme caution or do not install at all.<\/p>\n<\/div>\n