Vane3alga

Business
Focused
Technology

Researchers Have Their Eye on Malicious Clones of Android Apps That Put Devices at Risk

IT360
IT360

Researchers at Check Point have found malicious apps in the Google Play Store that will download Trojans to infected devices.

Malicious Clones of Android Apps

“Check Point Research (CPR) recently discovered a new Dropper spreading via the official Google Play store, which downloads and installs the AlienBot Banker and MRAT,” the researchers write. “This Dropper, dubbed Clast82, utilizes a series of techniques to avoid detection by Google Play Protect detection, completes the evaluation period successfully, and changes the payload dropped from a non-malicious payload to the AlienBot Banker and MRAT.”

The malicious apps posed as VPNs or audio apps. Once the malware was installed, it would gain access to the device’s banking apps.

“The AlienBot malware family is a Malware-as-a-Service (MaaS) for Android devices that allows a remote attacker, at a first step, to inject malicious code into legitimate financial applications,” Check Point says. “The attacker obtains access to victims’ accounts, and eventually completely controls their device. Upon taking control of a device, the attacker has the ability to control certain functions just as if he was holding the device physically, like installing a new application on the device, or even control it with TeamViewer.”

If the victim’s phone doesn’t allow external installations, the malware will try to trick the user into granting permission.

“If the infected device prevents installations of applications from unknown sources, Clast82 prompts the user with a fake request, pretending to be ‘Google Play Services’ requesting the user to allow the installation every 5 seconds,” Check Point says. “After the malicious payload is successfully installed, the dropper app launches the payload downloaded. In the case of Clast82, we were able to identify over 100 unique payloads of the AlienBot, an Android MaaS Banker (Malware as a service) targeting financial applications and attempting to steal the credentials and 2FA codes for those applications.”

Google has since removed the malicious apps from the Play Store. New-school security awareness training can help your employees avoid falling for phishing attacks and other social engineering tactics.

Check Point has the story.

SOURCE: KnowBe4.com

Success Stories

Partner, Law Firm

We hired IT360 as our computer hardware and software computer consultants when the company first went into business. Since then, they have helped us purchase new software and hardware equipment that we have instituted into the law firm. Any time we needed them to be there they have been. They have solved all of our problems including: stand alone computers, networking issues, Internet access issues, and software. I would highly recommend IT360 to anybody who needs help in these areas.

Partner, Law Firm

Recent
Technology News

IT 360 News - Cybersecurity Is A Business Risk
Cybersecurity Is A Business Risk

NOT JUST AN IT ISSUE October is Cybersecurity Awareness Month, and while you’ll see plenty of reminders about strong passwords, multi-factor authentication, and avoiding phishing scams, here’s the truth: cybersecurity is no longer just a technology issue—it’s a business risk that every owner and executive needs to own. Why Business Owners Need to Pay Attention […]

Read more
IT 360 News - AI in Business
AI in Business

WHAT IT360 IS DOING BEHIND THE SCENES Artificial intelligence isn’t just transforming tech companies—it’s reshaping the way every business operates. At IT360, AI has moved well beyond theory and into practical, day-to-day applications that help our clients work smarter, respond faster, and stay secure in a constantly changing landscape. Behind the scenes, our team is […]

Read more