It has been reported and flagged by security researchers from ESET about the list of malicious apps that can steal your banking login details. These apps on Google play store can steal your banking login details.
These Apps On Google Play Store Can Steal Your Banking Login Details
Such apps sends fake text messages from your mobile to extract your sensitive login details. Such apps are disguised behind the niche of battery managers, cleaners, device boosters, and even horoscope-themed apps.
Usually, such apps pops up a dialog box in your mobile phone with a login page. The login page asks you to enter your login ID to login into your app. When user enters, the hacker gets the details of other apps. The same method is used to do several social engineering tactics in order to extract your ATM security pin by the method of “guessing”.
Let’s take an example of the name of victim to be John. John’s full name is John Deo and his date of birth if 12th October 1980. John uses his password as 12101980 for Facebook logins and 121080 for Mobile PIN for his banking app access. John uses the password 12101980 which is same as Facebook’s login into the malicious app and registers over there. The hacker now reads and predicts all the possible password ranges and tries every possible passwords and get access! This is how things are done.
How Do Such Malicious Apps Operate Their Scams?
Security researchers have found 29 sneaky Trojans that are “very hard” to detect. Such Trojans are encrypted in a way that an anti-virus cannot detect or identify it as a “virus”.
Such Trojans can be controlled remotely from Hacker’s device and has ability to access any app on victim’s computer device.
They use customized phishing attacks along with activities like intercepting and redirecting text messages to bypass SMS-based two-factor authentication, reading call logs, and downloading as well as the installation of other malicious apps on the compromised device.
Which Are Those Apps?
Here are the list of apps that are reported by the cyber security researchers. If you have any of the apps installed in your device, remove it immediately and change all your login details as soon as possible.
|Power Manager||Master Cleaner – CPU Booster|
|Astro Plus||Daily Horoscope – Astrological Forecast|
|Master Cleaner – CPU Booster||Speed Cleaner – CPU Cooler|
|Master Clean – Power Booster||Horoscope 2018|
|Super Boost Cleaner||Meu Horóscopo|
|Super Fast Cleaner||Master Clean – Power Booster|
|Daily Horoscope For All Zodiac Signs||Boost Your Phone|
|Phone Booster – Clean Master||“Phone Cleaner – Booster|
|Speed Cleaner – CPU Cooler||Clean Master Pro Booster 2018|
|Ultra Phone Booster||Clean Master – Booster Pro|
|Free Daily Horoscope 2019||BoostFX.Android cleaner|
|Free Daily Horoscope Plus – Astrology Online||Daily Horoscope|
|Phone Power Booster||Personal Horoscope|
|Ultra Cleaner – Power Boost||How to stay safe|
It is said that the above lists are not yet the full list of apps that steals your data. There might be many more apps doing the same without your consent. So uninstall all malicious/doubtful apps that act strange in your device. Such “strange” behaviour can be like pop up dialog to ask your login and etc. If you found such apps, uninstall them right away.
As soon as you uninstall all malicious apps, you must reset all the login details that are/were inserted in your mobile phones. So that hackers cannot login into them later even after deletion of these apps.
How To Protect Myself Against Such Phishing Scams?
Phishing scams can be very harmful for your online existence as well as your personal life. But sometimes such scams may come so disguised that you can even doubt if that is really a phishing scam or not. So it’s better to use a strong password. But is that only the solution? No. Use different-different passwords on different websites.