Researchers from mobile security company ThreatFabric have discovered a new batch of malicious Android apps that made their way to the Google Play Store. These apps have been downloaded more than 300,000 times and are basically banking trojans. These apps collect user passwords and two-factor authentication codes, keystrokes, and captured screenshots.
These malicious apps are listed as regular spas lie QR scanners, PDF scanners, and Crypto Wallets. So, several users fell into the trap and download these apps on their phones.
Cyber criminals played a smart move to avoid detection. These apps have a very small malicious footprint and improved malware code efforts. These apps only manually activate the installation of the banking trojan on an infected device. This has made automated detection much harder.
Here is the list of apps and their package name. If you have any of these apps installed on your phone, you should delete the app now.
| APP NAME | PACKAGE NAME |
|---|---|
| Two Factor Authenticator | com.flowdivison |
| Protection Guard | com.protectionguard.app |
| QR CreatorScanner | com.ready.qrscanner.mix |
| Master Scanner Live | com.multifuction.combine.qr |
| QR Scanner 2021 | com.qr.code.generate |
| QR Scanner | com.qr.barqr.scangen |
| PDF Document Scanner – Scan to PDF | com.xaviermuches.docscannerpro2 |
| PDF Document Scanner | com.docscanverifier.mobile |
| PDF Document Scanner Free | com.doscanner.mobile |
| CryptoTracker | cryptolistapp.app.com.cryptotracker |
| Gym and Fitness Trainer | com.gym.trainer.jeux |
| Gym and Fitness Trainer | com.gym.trainer.jeux |
