This Russian app is a Trojan that can steal a user's bank login info. Stunningly, it wasn't getting a very good average rating in the Play Store before it was removed. Image Credit: KasperskyThe apps that were found in the Play Store on December 12th (and deleted on December 13th, after Kaspersky contacted Google) were downloaded numerous times, suggesting that the apps likely snagged bank login information from several victims. The apps are fairly sophisticated and require multiple interactions with the victim to retrieve the login information. You’ll be looking at a screen that looks legitimate, but is asking to you to send your mobile phone number to a server that doesn’t belong to the bank. SMS messages are also used as part of the scam.
Despite the safeguards companies like Amazon, Apple, and Google put in place, app stores still sometimes accept apps with dubious or malicious purposes. Most of the time, a little caution and commonsense are all you need to stay safe, but with fake app developers getting sophisticated, it’s going to get harder to tell real apps from malware – a Netflix fake being a prime example.