Google banned this dangerous app

Google: The more convenience people have in this technological age, the greater the risk of becoming a victim of fraud. A malicious banking Trojan app for Android phones has just been discovered. To steal data and passwords, this money-stealing scam app targeted banking apps, online wallets, insurance apps, crypto wallets, and more. It will once again share access with hackers who will steal the money from the victim. The worst part about this online scam is that it was discovered on Google Play Store and downloaded over 10,000 times by unsuspecting users. It’s called ‘QR Code & Barcode Scanner,’ and it’s been removed from the Google Play Store since then. Check out how this Google Play Store-banned app worked.

A report by Cleafy, an online fraud management and prevention firm, exposed the scam. In which it was stated that the TeaBot Trojan malware was released in early 2021 by the app TeaBot. The Trojan was designed to steal the users’ “credentials and SMS.” The malware was extremely dangerous and was designed in such a way that it was difficult to detect.

How did this Google Play Store scam app steal money from users?

The QR Code & Barcode – Scanner app was created with the intention of providing users with certain benefits, and as a result, it has become quite popular. Because it served as an advertisement, it received mostly positive feedback. Despite the fact that the app appeared to be legitimate, it was most likely an online scam. It will ask for permission to download another app called QR Code Scanner: Add-on as soon as it is downloaded. This app contains several Teabot malware samples.

The Trojan will ask for permission to control the smartphone’s screen once it has been installed. It will then detect the necessary information, such as login credentials, SMS messages, and a two-factor authentication code. This magically requested Teabot’s permission to record keystrokes while also providing quick access to critical data.

According to the report, “the distributed app on the official Google Play Store only requests certain permissions before downloading the malicious app.”

The app was developed over the course of two years and was available on the Google Play Store. Previously, the Trojan was distributed through SMS-based phishing campaigns, in which users were sent fake updates for a common app, and the Trojan was installed once they downloaded it. Google removed this money-laundering scam app, but it may still be on your phone.

If you want to see if your smartphone has this app, go to this link and double-check. If you have it, get rid of it right away. Furthermore, never grant any app permission that it does not require in the future. Always take the time to read the permissions that an app is requesting, and if in doubt, uninstall and report the app.

Comments are closed, but trackbacks and pingbacks are open.