The crooks were also collecting login credentials

Sep 19, 2018 19:43 GMT

Six fake finance apps that emulated applications from banks and cryptocurrency exchanges, and phished for credit card data and login credentials, were found and removed from the official Android Google Play store, as reported by ESET's Lukas Stefanko.

The fake Android apps were disguising themselves as official applications from the Austrian cryptocurrency exchange Bitpanda, and from banks located in Switzerland, the United Kingdom, New Zealand, Australia, and Poland.

The malicious apps were added to the Google Play market in June 2018, and they were downloaded and installed on more than a thousand different Android devices before Google found out what their real purpose was and took them down.

Although all the apps were using different designs and developer names when added to the official Android store, Stefanko found enough similarities within their code to conclude that the same crook was behind all of them.

The bogus financial apps were using phishing forms to send credit card data and login info to the crooks

To phish their victims' login credentials and card payment data, the sham applications were using forms designed to ask the targets to fill in their sensitive data and send it to the attackers' servers.

The phishing forms were displayed after the apps launched on the device and, upon successfully sending the target's sensitive data to the attacker, they presented the victims with "thank you" or "congratulations" messages and then quit.

All users who have installed any of the Android applications found to have malicious behavior by Stefanko are advised to immediately uninstall them, to change their passwords and card PINs, and to check their bank accounts for suspicious transactions.

For future reference, the most crucial step you can take if you want to avoid falling victim to phishing attacks performed through bogus Android apps posing as official financial apps is to install applications linked from the website of your financial institution.
