ESET, a leader in proactive threat detection, alerts on a number of applications of financial institutions in Google Play that were a hoax to steal information Confidentiality of users from all over the world. The affected entities are located in Austria, Poland, Switzerland, United Kingdom, Australia and New Zealand.
By using fraudulent forms, malicious applications were able to get the details of the credit cards of the affected users, as well as the credentials of access to certain financial services. Fake apps first appeared on Google Play last June with different developer names, although the company has already removed them from their official store. The fact that the different apps had different similarities in the code suggests that they were developed by the same offender.
The attacker was impersonating official applications and in case there was no official app of legitimate service (as Bitpanda) simulated it to get confidential information from users. To do so, he requested the credentials of access to the credit card information. Once the data was entered, they were sent to the cybercriminal server and the user received a greeting or a thank you for having successfully accessed the app. From that moment on, the fraudulent application no longer performs any action.
The financial services concerned were Bitpanda, Santander Bank Polska (Bank Zachodni WBK), PostFinance, TSB Bank, ASB Bank, the Australia and New Zealand Banking Group and Commonwealth Bank of Australia.
“If you have downloaded any of these applications, we advise the affected users to remove the malicious apps immediately, as well as modify the PIN code and passwords to access their online banking services, adding whenever possible the Double authentication factor. Users who suspect that they have been victims of this malware should also check for unusual transactions in their checking account and contact their bank. “, commented Camilo Gutierrez, head of the Research Laboratory of ESET Latin America.
From ESET It is recommended to always download the banking or financial applications from the official Google store and check that they are linked to the official website of the entity. In addition, a sign of confidence is to check the number of downloads and the valuation of the users. Finally, having an updated security solution on your device, such as ESET Mobile security, can help detect any anomalous situation.