'TeaBot' malware ,data-stealing app found in Google Play


By MYBRANDBOOK


'TeaBot' malware ,data-stealing app found in Google Play

A newly found dangerous Android malware found In Google play store, it is capable of stealing your data like passwords and text messages, has been discovered in Google Play and downloaded thousands of times.

 

Initially, TeaBot has been distributed through smishing campaigns using a predefined list of lures, such as TeaTV, VLC Media Player, DHL and UPS and others, according to online fraud management and prevention solution provider Cleafy.

 

The TeaBot banking trojan, also known as Anatsa and Toddler, was first observed in May 2021 targeting European banks by stealing two-factor authentication codes sent by text message.

 

In the last months, we detected a major increase of targets which now count more than 400 applications, including banks, crypto exchanges/wallets and digital insurance, and new countries such as Russia, Hong Kong, and the United States," the researchers informed.

 

Cleafy says that while the malware was previously distributed through SMS-based phishing campaigns using a number of common apps as lures, such as TeaTV, VLC Media Player and shipping apps like DHL and UPS, its researchers say the malicious Google Play app was acting as a “dropper” to deliver TeaBot by way of a fake in-app update. Droppers are apps that appear legitimate, but in fact deliver a second-stage malicious payload.

 

During the last months, TeaBot has also started supporting new languages, such as Russian, Slovak and Mandarin Chinese, useful for displaying custom messages during the installation phases.

 

On February 21, the Cleafy Threat Intelligence and Incident Response (TIR) team discovered an application published on the official Google Play Store, which was acting as a dropper application delivering TeaBot with a fake update procedure.

 

The app, “QR Code & Barcode – Scanner,” since removed, managed to pull in more than 10,000 downloads by the time it was discovered. But because the app offers the promised functionality, nearly all of the app’s reviews are positive.

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org