Android security: Password-stealing malware sneaks in Google Play store in bogus apps

A cyber crime group has sneaked apps onto the official Google Play Store which then serve up Trojan banking malware to Android users, security researchers have revealed. The campaign delivered Anubis malware designed steal to login credentials for banking apps, e-wallets and payment cards. The payload was hidden in applications which claimed to offer various legitimate services.

The Android malware campaign has beenĀ unearthed and detailed by researchers at IBM X-Force, who suggest the effort put into making the applications look legitimate indicates “a large investment of resources on the part of the campaign’s operator”.

Read more about the campaign that involved at least ten Android apps delivering banking Trojan malware to victims, on ZDNet.

Gain Deeper Insights Into The Threat

Sign up to gain access to our special reports on threat actors and their tactics as well as daily Threat Brief.

Your support will enable us to continue our production of action-oriented content and help us help you stay informed on the latest in adversary activities.

Try our free two week trial.

Sign Up For Free Trial of The Daily Threat Brief