Last Updated: Mar 07, 2022

The Google Play apps downloaded more than 10,000 times are probably the cause of a so-called Remote Access Trojan (RAT). On 12th Sept 2019, a viewer walks by the Google Play booth on the working day of the Tokyo Game Show 2019 at Makuhari Messe in Chiba, Japan. The Tokyo Game Show will be open to the public on 14th and 15th Sept 2019.

As per the technical news channel information, the Trojan is known by two names, Anatsa and Teabot. According to the study, cybercriminals can purloin the user text messages, passwords, and all other sensitive data used for financial gain using the Trojan virus.

The Teabot virus first appeared in May 2021 in the form of an Android banking Trojan. The research states that Teabot is mainly designed to steal victims’ SMS messages, credentials, and other important information. All this information can be purloin using the affected live streaming devices most requested on demand.

Once the hackers take control of the affected device, hackers are in a position to execute a procedure known as an Account Takeover directly from the affected device, also known as On-Device Fraud. As per the analysis, the Trojan passes through various apps such as UPS, DHL, VLC Media Player, TeaTV apps.

Most of the Google Play applications become Trojan’s initial victims located in the major countries around the globe, including the United States, UK, Russia, and other countries. The Trojan targeted users’ crypto wallets, banks, and digital insurance.

It found that the Teabot is Android malware targeted various institutions such as banks, crypto wallets, and others in January and July last year. It was unclear how much money the hackers were purloining through the scheme; however, it is still a critical cybersecurity threat. The Teabot malware targets many banks in Europe.

At first, the app somehow abandons the radar. But now Trojan is back, and currently, the app masquerades as a QR code application, also known as a Barcode or QR Code Scanner. As per the analyst’s suggestion, if you are searching for the QR code app, beware of this application’s name and avoid installing such apps on your mobile devices.

Till the time, no one has any idea about the Trojan source.

In February, one more Android malware disguised as legitimate applications was found. This malware is known as Joker malware and is located in 14 Android applications, according to the Tatyana Shishkova- Kaspersky Malware Analyst. The Joker malware steals victims’ money right under their noses, as per the recent report.

Fortunately, it is not difficult to protect your phone from the malware that appears to be Google Play applications. The most important thing is that you have to recognize the fake apps before you unknowingly install them on your mobile devices.

As per the Kaspersky-the cybersecurity company, the best method to identify fake apps on Google Play is to look at the application’s permissions. Try to check if these permissions correspond with the purpose of the app. It is also possible to check the app’s reviews for any signs of anomalies or serious issues.

Lastly, be vigilant and only download apps from trusted and verified sources. Do not download anything from a third party as often as you can. Also, avoid “free anti-virus trials” that claim your device is already affected by malware and offer the opportunity to “clean your phone.”


ABOUT AUTHOR