Two Malicious Apps Available in Google Play Store

Until yesterday, August 23, two Android apps infected with malware were available for download from the Google Play Store. The apps, “Earn Real Money Gift Cards” and “Bubble Shooter Wild Life,” were uploaded by the same developer, Boris Block, and deliver the BankBot malware and a new dropper malware, respectively. BankBot is a mobile banking trojan known for its ability to bypass Google’s security checks to land in the Play Store. The new dropper malware abuses the Android Accessibility feature to gain administrative rights on the victim's device. The two apps bypassed Google security by delaying their malicious activity for 20 minutes, at which point Google had finished its security scans. Fortunately, both apps have low download rates, currently under 5,000. The NJCCIC recommends all mobile device users, and Android users in particular, audit their devices and delete apps that are not necessary or were acquired from untrustworthy sources or developers. Mobile users should only download apps from official app stores and avoid apps with low download rates or user ratings. It is advisable to research apps before downloading, and consider installing an antivirus solution on all mobile devices. For more information on threats to Android devices, please see our Android Threat Profile page.

AlertNJCCICGoogle, Android, Malware