This virus utilises innocent-looking Android apps to infect Android phones.
Days after McAfee reported a new malware strain impacting millions of devices via Google Play Store apps, more badnews for Android users.
Trend Micro found 17 additional Android apps that drop malware in a new research.
According to the business, ‘DawDropper‘ can collect banking information, intercept text messages, and compromised devices.
The apps are no longer on the Play Store, but you should remove them from your devices immediately since they can
still do damage.
Change your bank and email passwords.
What is DawDropper?
A ‘dropper’ is a trojan that infiltrates a device and instals another piece of software, or its payload.
Trend Micro says DawDropper variants drop Octo, Hydra, ERMAC, and TeaBot.
These launch different executables on a user’s device.
They all want your sensitive info.
To achieve this, they’re wrapped in seemingly harmless apps that offer ostensibly useful services like cleaning your
device.
Trend Micro explains that the Octo malware can capture your screen to steal passwords and PINs and then keep your device awake to send this data to attacker-controlled locations.
DawDropper is a DaaS or Dropper-as-a-service model of malware, which means someone paid the authors to steal data.
The goal of stealing this data is likely to be malevolent, so don’t hope for the best and secure your devices immediately.
This malware has been found, but it’s not a good picture for the Google Play Store, especially after McAfee called it out days ago.
Trend Micro found that the Octo payload disables Google Play Protect, which prevents downloaded apps from executing dangerous code.
Trend Micro noticed that these programmes are also on the Apple App Store, but they did not mention security issues.
The iOS safety net assumes no malicious apps are on the App Store, thus it’s unclear if iOS devices are also
vulnerable.
If you own an iPhone, remove these apps immediately.