It has been discovered that some apps downloaded from the Google Play Store in recent months have stolen Android users' banking details.
How the Play Store planted malware on 500,000 Android smartphones
According to a new report from ThreatFabric, four separate threat campaigns were distributed via apps on the Google Play Store over the past four months. The apps in question, which masquerade as QR scanners, PDF scanners, and cryptocurrency wallets, were reportedly downloaded over 300,000 times and may have gained access to user passwords and two-factor authentication codes.
According to reports, the apps were able to bypass Google Play's security systems by initially offering a regular, harmless app, but then introduced malware to users who downloaded updates for the app.
“What makes these Google Play distribution campaigns so difficult to detect from an automation (sandbox) and machine learning perspective is that dropper apps all have a very small malicious footprint,” researchers from mobile security firm ThreatFabric wrote in the report. “This small footprint is a (direct) result of the permission restrictions enforced by Google Play.”