8 Malicious Apps You Should Remove Immediately-Information Technology

Recently, ThreatFabric security researchers have discovered a series of malicious applications targeting Android devices.

Specifically, the analysis report shows that Spain, Turkey, Poland, Australia, USA, Germany, UK, Italy, France, Portugal… are the countries most targeted by the software. toxic.

In just the first 5 months of 2022, the number of malware (abuses Android to commit fraud) increased by more than 40%.

Along with this trend is the appearance of new malware on Google Play, masquerading as utility and productivity tools to deceive users, for example:

– Nano Cleaner (com.casualplay.leadbro)

– QuickScan (com.zynksoftware.docuscanapp)

– Chrome (com.talkleadihr)

– Play Store (com.girltold85)

– Pocket Screencaster (com.cutthousandjs)

– Chrome (com.biyitunixiko.populolo)

– Chrome (Mobile com.xifoforezuma.kebo)

– BAWAG PSK Security (com.qjlpfydjb.bpycogkzm)

Currently 8 malicious apps have been removed from Google Play, however, they will still exist on users’ phones. Therefore, you need to remove them immediately by going to Settings (settings) – Apps (applications), select the malicious application and click Uninstall (uninstall).

Note, malicious apps can be named the same as the official app (eg Chrome, Play Store…), however, the Application ID (eg com.biyitunixiko.populolo) will be different.

After deleting the above applications, users should also change their bank account passwords, and check all suspicious transaction history (if any).

Users should make a habit of changing their bank passwords periodically. Photo: Tieu MINH

Hydra, FluBot (aka Cabassous), Cerberus, Octo and ERMAC 2.0 are among the most active banking trojans.

When the victim mistakenly installs ERMAC 2.0 on the phone, the malware will request permission to use the Accessibility Service to take full control of the device. The researchers found that the trojan granted itself 43 permissions, including access to SMS messages, contacts, creating system alert windows, recording audio, and so on.

When the user opens an app on the phone, the trojan will launch a phishing website with an almost similar interface, thereby collecting sensitive data.

Last year, Google tried to solve the problem of abuse of Accessibility Service (accessibility service) without success. However, the tech giant is experimenting with restricting API access on Android 13 for apps that users download from outside of Google Play.

“Modern banking malware is evolving at a very rapid rate, and criminals are starting to adopt more sophisticated methods,” the researchers said.

According to Tieu Minh (Ho Chi Minh City Law)