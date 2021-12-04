A total of 12 malicious Android apps on the Google Play Store are stealing people’s bank account details, and those apps have been downloaded 300,000 times, according to researchers at ThreatFabric.

In a blog post, cybersecurity experts pointed out that such apps only introduce malware content through third-party sources after being downloaded from the Google Play Store.

Malicious Android apps on the Google Play store identified by researchers included QR Scanner, QR Scanner 2021, PDF Document Scanner Free, PDF Document Scanner, Two Factor Authenticator, Protection Guard, QR CreatorScanner, Master Scanner Live, CryptoTracker and Gym and Fitness Coach.

The researchers say these apps are part of four malware families – Anatsa, Alien, Hydra, Ermac – that are designed to steal users’ bank passwords as well as two-factor authentication codes. The malware still captures what you type and takes screenshots of users’ phones.

The Anatsa malware family, according to the report, has been downloaded over 100,000 times. It should be noted that such apps get positive reviews in the Google Play Store, which would make them look more legitimate.

Google tried to solve the problem by introducing several restrictions to arrest the distribution of fraudulent applications. But what makes these apps difficult to detect is that they have a very small malicious footprint, which is not detected by the Google Play Store.

“These apps entice users by offering additional content through third-party updates. In some cases, malware operators are said to have manually triggered malicious updates after tracking the geographic location of infected devices,” the researchers added.

Previously, in 2020, the Joker Trojan found its way into the Google Play Store, affecting users by enrolling them in paid subscriptions without their consent.

However, there are steps you can take to prevent the accidental installation of malware on your device. The most important thing in this case is to download effective antivirus software, which can scan each new downloaded application and monitor it for any suspicious activity.