Another day and another malware scare and this time it’s targeting people via a Fake Google Play store. This malware scheme targets smartphone users and directs them to a fake clone of the Play Store. And what can be more disturbing than being dodged inside out?
As per a report by Tech Radar, hackers have put in the extra effort this time to develop a direct copy of the legitimate Google Play Store page. Through which they are able to install a malicious clone of a bank app in Brazil. And once they are able to achieve the target and infect a phone rest becomes history.
FAKE Google Play Store malware
When the victim of the fake Google Play Store downloads an app from it, it downloads an APK installer of the app. Which is completely different from the original store that would never provide its users a copy of the APK installer of the app.
Instead, tapping on the Download button should have prompted the smartphone to directly install the app on the mobile device. And according to cybersecurity experts, the download of an APK is the most significant red flag found on the fake Play Store.
In a report by The Hacker News, the fake app marketplace directs its victims to download a malicious banking app, which carries malware in it. The impostor app has garnered a whopping 1.8 million downloads, making it look more authentic to unknowing users.
The malware-laced banking app does not ask for too many permissions. This helps it sail past virus scanning platforms, its accessibility services allow hackers to carry out the attacks.
The permissions that the malicious app is asking for includes swiping gestures, performing taps, and retrieving window content on the smartphone of the victim. Which itself is enough to note down sensitive information and steal money from someone’s account.
So that’s why you should always beware and steer clear of downloading from unknown sources. And also double check on every app’s behavior. Before handling sensitive info on a device that might be compromised by hackers.