Researchers issued a serious warning to Android device owners on Tuesday, alerting them to the discovery of eight dangerous applications in the Google Play Store that could have allowed an attacker to take a victim’s smartphone and empty the bank account.
This is according to Check Point Research, which said in its report on the discovery that the cyber threat intelligence company actually found the applications on January 27 and notified Google about them the next day. One month ago today, Google confirmed that they were removed from the Play Store – but you need to remove them from your device anyway, if you have them. So what exactly happened here? Read on for details as well as the names of all eight identified Android apps.
The best deals today 
Amazon shoppers are obsessed with AccuMed black face masks – now at the lowest price! Price:$ 19.99 
Available from Amazon, BGR may receive a commission Available from Amazon BGR may receive a commission
Check Point researchers explained that what they discovered was a malware escape device called “Clast82”, which spread through the eight applications. What’s scary is that the dripper managed to avoid being caught by Google Play Protect and also includes a Trojan with remote access so ugly that one of the researchers said Forbes allows the attacker to take “full control of a victim’s phone – pretending the hacker is holding the physical phone.”
According to Check Point findings, this particular dripper seems to prefer AlienBot Malware-as-a-Service (MaaS), which allows an attacker to remotely inject malicious code into legitimate financial applications on Android devices. “The attacker gains access to the victims’ accounts and, in the end, completely controls their device,” the researchers explain. “When you take control of a device, the attacker has the ability to control certain functions, such as holding the physical device, such as installing a new application on the device, or even controlling it with TeamViewer.”
The eight applications in question, together with the names of their packages, are as follows for Check Point Research:
- VPN Cake (com.lazycoder.cakevpns)
- VPN VPN (com.protectvpn.freeapp)
- eVPN (com.abcd.evpnfree)
- BeatPlayer (com.crrl.beatplayers)
- QR / MAX barcode scanner (com.bezrukd.qrcodebarcode)
- Music Player (com.revosleap.samplemusicplayers)
- tooltipnatorlibrary (com.mistergrizzlys.docscanpro)
- QRecorder (com.record.callvoicerecorder)
Again, you should immediately delete any of these applications immediately if you find them on your device. It might also be a good idea to change any passwords associated with your financial accounts, as accessing them is one of the concerns here.
While hackers can be quite smart and creative insofar as they will go into hiding the true intentions and nature of their applications, this is another opportunity to remind you that you should always check the applications you are preparing to download and identity. the developers behind them. There doesn’t seem to be a situation where the above apps could infect millions of devices before the researchers caught them – this time. But hackers who are truly hired will keep coming back, unscathed, until they score.
The best deals today 
Amazon finally has KN95 6-layer masks made in the USA! Price:$ 39.99 Available from Amazon, BGR may receive a commission Available from Amazon BGR may receive a commission
Andy is a reporter in Memphis, who also contributes to stores such as Fast Company and The Guardian. When not writing about technology, it can be found squatting protectively over its thriving vinyl collection, as well as for taking care of Whovianism and getting into a variety of TV shows that you probably don’t like.