A malicious group of hackers has successfully delivered Anubis malware to devices by sneaking malicious apps into the Google Play Store. The malicious apps were uncovered in June and are designed to steal login credentials for banking apps, wallets and payment cards.
The payload is hidden in applications that claim to offer services like online shopping and livestock market monitoring. Once the app is downloaded, the payload is delivered via a command and control server and, more concerning, it does not get detected by antivirus software.
To ensure that the app is not detected by the Google Play Store, the developers of the malware are constantly altering its capabilities.
Once the app is installed on a device, the malware masquerades as an app called “Google Protect” which asks for accessibility rights like. This is done so that users might trust the malware on seeing the name Google on the display.
When the user grants the permission, the malware performs keylogging to steal the infected user’s credentials when they use a banking app or payment site. Anubis can also take screenshots of the user’s display.
According to the reports, at least 10,000 people downloaded the malicious downloaders, although it’s unknown how many of those have subsequently been infected with the malware.
How can consumers stay safe?
A few tips that consumers should follow:
Don’t download apps from unknown sources; they can be infected with data-stealing malware hidden behind a genuine-looking app. Stay away from pirated apps too.
Always check which permissions the app asks the user to allow before installation. Stay cautious with permissions that don’t seem legitimate. For instance, if a calculator app wants to access your call logs or messages, it is clear that the app wants unnecessary permissions and can be malicious. Trust your gut!
Never click on unknown links, even if they seem to come from a known person. You can test the authenticity of a link by hovering your mouse over it. This will display the real address to which the link redirects. If it is not the link you usually visit, do not click it.
Only install apps from the official app stores and never from 3rd party websites. Even when downloading from the app store, look at the reviews and the number of downloads to judge the app.
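The following Python script is an added example, not part of the original article. It audits which apps hold accessibility rights, the permission the fake “Google Protect” app asks for, by parsing the value printed by `adb shell settings get secure enabled_accessibility_services`; the allowlist, the `labels` input and the `com.example.*` package names are assumptions constructed for illustration.

```python
# Exact-match allowlist of packages permitted to hold accessibility rights.
# Assumption: maintained by the device owner or admin; TalkBack is a sample entry.
ALLOWED_PACKAGES = {"com.google.android.marvin.talkback"}
BRAND_WORDS = ("google",)  # names a fake app may borrow to look trustworthy

def parse_enabled_services(raw):
    """Split the colon-separated setting value into (package, class) pairs."""
    raw = (raw or "").strip()
    if raw in ("", "null"):            # setting unset: no service is enabled
        return []
    services = []
    for component in raw.split(":"):
        package, sep, cls = component.strip().partition("/")
        if not sep or not package or not cls:
            continue                   # malformed entry, skip it
        if cls.startswith("."):        # short form ".Svc" is relative to the package
            cls = package + cls
        services.append((package, cls))
    return services

def audit(raw, labels):
    """Return one finding per enabled service that is not allowlisted.

    labels maps package name -> app name shown to the user (hypothetical
    input, e.g. taken from an app inventory).
    """
    findings = []
    for package, cls in parse_enabled_services(raw):
        if package in ALLOWED_PACKAGES:
            continue
        label = labels.get(package, "")
        borrows_brand = any(w in label.lower() for w in BRAND_WORDS)
        # A "Google"-named app outside Google's namespace is the stronger signal.
        if borrows_brand and not package.startswith("com.google."):
            reason = "brand-impersonation"
        else:
            reason = "not-allowlisted"
        findings.append({"package": package, "service": cls,
                         "label": label, "reason": reason})
    return findings

# Constructed sample data: every com.example.* name below is made up.
SAMPLE_SETTING = ("com.google.android.marvin.talkback/"
                  "com.google.android.marvin.talkback.TalkBackService"
                  ":com.example.livestockprices/.ProtectService"
                  ":com.example.reader/com.example.reader.ReadAloudService")
SAMPLE_LABELS = {"com.example.livestockprices": "Google Protect",
                 "com.example.reader": "Read Aloud"}

if __name__ == "__main__":
    for f in audit(SAMPLE_SETTING, SAMPLE_LABELS):
        print(f["reason"], f["package"], f["service"], repr(f["label"]))
```

A package-name check is only a heuristic; the app's signing certificate is the authoritative way to confirm who published it.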