17 Android Apps Caught Stealing Banking Information

Google Play Store is in the spotlight again. This time, Trend Micro discovered that 17 Android apps available for download are, in fact, malicious. Make sure you don’t have them installed on your smartphone!

The existence of the malicious apps came to light thanks to a report by the cybersecurity company Trend Micro. The 17 apps are reported to hijack mobile devices and steal personal data, such as messages or banking information. Although the apps have been removed from Google Play Store, it is better to know their names and check whether you have them installed on your phone.

Android apps that have been caught stealing data

According to the Trend Micro report, the 17 Android apps were smuggling something called DawDropper onto mobile devices. A dropper is a piece of malware designed to cause a chain reaction and install other types of malicious software. This one was created to infect Android devices with trojans that steal banking information.

The malicious apps identified by Trend Micro appear quite innocent. They are photo editors, document scanners, or file cleaners. Below is the full list:

  • Call Recorder
  • Call Recorder Pro+
  • Conquer Darkness
  • Crypto Utils
  • Document Scanner
  • Document Scanner PRO
  • Eagle Photo Editor
  • Extra Cleaner
  • FixCleaner
  • Just In: Video Motion
  • Lucky Cleaner
  • Rooster VPN
  • Simpli Cleaner
  • Super Cleaner
  • Unice QR Scanner
  • Universal Saver Pro (2021/12)
  • Universal Saver Pro (2022/05)

The DawDropper contained in these apps came in a few different variants. Each one infected devices with a slightly different type of malware, but the goal was the same: to steal personal data, such as bank passwords and PINs, and send it to a server owned by hackers.

Google Play Store – not the safest out there

This is not the first time Google Play Store has been accused of hosting malicious applications. Less than a month before this article was written, Bleeping Computer reported on another batch of adware and malware-infested apps hosted on the Google Play Store. They had more than 10 million downloads at the time.

The hostile apps were mostly innocent-looking wallpaper changers, image editors, and the like. However, they had a secondary purpose – to steal accounts, push annoying ads to users, or sign them up for various services without their knowledge.

These infected apps asked permission to overlay windows on other applications. They were also able to add themselves to the battery saver’s exclusion list, so they could run in the background even when the phone was locked.
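
An added example, not from Trend Micro, Bleeping Computer, or the original article: one way to audit a device for the permission pair described above by parsing the text output of `adb shell dumpsys package`. It assumes the behaviour corresponds to the `SYSTEM_ALERT_WINDOW` and `REQUEST_IGNORE_BATTERY_OPTIMIZATIONS` permissions; the package names and the sample dump are constructed for illustration.

```python
import re

# Permissions behind the behaviour described above (overlay + battery exemption).
OVERLAY = "android.permission.SYSTEM_ALERT_WINDOW"
BATTERY_EXEMPT = "android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS"
PKG_HEADER = re.compile(r"^\s*Package \[([^\]]+)\]")

def requested_permissions(dump_text):
    """Map package name -> set of requested permissions from dumpsys text."""
    result, current, section_indent = {}, None, None
    for line in dump_text.splitlines():
        header = PKG_HEADER.match(line)
        if header:
            current, section_indent = header.group(1), None
            result[current] = set()
            continue
        if current is None or not line.strip():
            continue
        indent = len(line) - len(line.lstrip())
        if line.strip() == "requested permissions:":
            section_indent = indent
        elif section_indent is not None and indent > section_indent:
            # Some releases append flags such as ": restricted=true".
            result[current].add(line.strip().split(":", 1)[0])
        else:
            section_indent = None  # any shallower line ends the block
    return result

def flag_overlay_and_battery(dump_text, allowlist=()):
    """Return sorted packages requesting both permissions, minus allowlist."""
    perms = requested_permissions(dump_text)
    return sorted(p for p, req in perms.items()
                  if {OVERLAY, BATTERY_EXEMPT} <= req and p not in allowlist)

# Constructed sample in dumpsys style; package names are invented.
SAMPLE = """\
  Package [com.example.cleaner] (1a2b3c):
    requested permissions:
      android.permission.INTERNET
      android.permission.SYSTEM_ALERT_WINDOW
      android.permission.REQUEST_IGNORE_BATTERY_OPTIMIZATIONS
    install permissions:
      android.permission.INTERNET: granted=true
  Package [com.example.notes] (4d5e6f):
    requested permissions:
      android.permission.SYSTEM_ALERT_WINDOW
      android.permission.READ_SMS: restricted=true
"""
print(flag_overlay_and_battery(SAMPLE))
```

Legitimate apps can request both permissions too, so the output is a list of packages to review rather than a verdict; the `allowlist` argument is there for apps you have already vetted.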

Most of the apps from the first batch should have been deleted from Google Play Store by now, but – as stated by Bleeping Computer – some of them hung in there for quite a long time, infecting devices with malware even after they were exposed.

What to do after installing malicious apps?

Hackers have been targeting Android devices for some time now. This is because infecting them with malware is, apparently, fairly easy – as shown by the number of hostile apps found on the Google Play Store. Once infected, a smartphone or a tablet running on the Android operating system can be used to snatch any personal information and send it to the attacker.

If you happen to have one of the listed apps installed on your phone, uninstall it immediately and delete any files it may have left behind (like installation files). You should also use good antivirus software and scan your device thoroughly.

After that, make sure to change your online banking information – PINs, passwords, etc. Also change the login information for other important accounts, such as email providers. For future reference, ensure that you have anti-malware software on your device and that the Play Protect feature is enabled.

How to protect your device from malware?

While it is sometimes possible to escape a malware infection unscathed, it is better to simply avoid it. Some malicious code can do tremendous damage to your devices, data, and most importantly, your sensitive information. This is why defense is the best strategy in this case.

  1. Research apps. As proven earlier, Google Play Store is not the safest place when it comes to downloading apps. Now, of course, it is much better than getting them from some dodgy website, but you should still do your research. Read user reviews and verify app creators before installing an app on your Android device.
  2. Protect your connection. Use a VPN for Android to encrypt your connection and secure your data. This way, even if it gets into the hands of a hacker, it should be useless to them (but try to protect your sensitive information, so it doesn’t get out of your possession in the first place).
  3. Learn to spot malicious apps. Google Play Store is not the best with user protection, so you should learn to notice red flags yourself. Apps that are not very trustworthy often have strange-looking descriptions full of grammar mistakes, screenshots that look stolen and/or edited, and their developers have little or no proven experience in mobile software development.