|
Britons with Android smartphones and tablets have been urged to watch out for fake software updates that could give away passwords, financial information and even let criminals take control of their devices.
Computer security company McAfee warned it had noticed a spate of malware trojans originally from Brazil targeting the Google Play Store and trying to trick users into downloading them.
In Britain, where phones with the Android operating system account for almost half of the market, people have also been told to be on the lookout.
So-called 'BRATAs', or Brazilian Remote Access Tool Android, originally appeared in the South American country in 2018, according to McAfee, and became widespread from January 2019.
Now spreading elsewhere, these RATs pose as security apps which tell their users they need to update their software, whether that is a search engine like Google Chrome, a messaging app like WhatsApp or even a PDF viewer.
However, rather than updating these apps, they install malicious software, malware, which allows criminals to take control of devices.
According to McAfee, these trojans can display phishing websites which are used to harvest financial details which can be used to steal money or commit identity theft; and can directly capture lock screen details like a password or keystrokes through keylogging software. They can even introduce screen recording software.
The company said it had found at least five malicious apps in the Google Play store, where Android users can download everything from Candy Crush to TikTok, which were capable of such actions.
Most were downloaded between 1,000 and 5,000 times, but one had as many as 10,000 downloads.
Of the ones McAfee said it had found, the first was discovered in May and the latest last October, all of which had been removed by Google from its store.
They all posed as security software, calling themselves names like 'PrivacyTitan' and 'SecureShield'.
While they initially targeted Brazilians or other Portuguese speakers with Android phones, these malicious apps have become more widespread.
'In June we noticed that threat actors behind BRATA started to add support to other languages like Spanish and English, McAfee said in a blog post published on Monday.
'Depending on the language configured in the device, the malware suggested that one of the following three apps needed an urgent update: WhatsApp (Spanish), a non-existent PDF Reader (Portuguese) and Chrome (English).'
Although McAfee had not suggested these apps had become widespread in the UK, Britons living through a fraud epidemic which has stolen hundreds of millions of pounds during the pandemic were urged to be on their guard.
Impersonators throughout the coronavirus pandemic have posed as legitimate financial firms, parcel delivery companies, and even the NHS and the Government, using cheap number-spoofing software.
As a result, this could simply be the latest step. Ray Walsh, from the company ProPrivacy, said news of the spread of the 'sophisticated' trojan meant it was 'vital' those in the UK were warned they could be infected.
He said: 'By accepting and agreeing to accessibility services, the user installs a sophisticated banking trojan that gives the hacker full remote control over their device.
https://www.dailymail.co.uk/money/beatthescammers/article-9470715/Warning-Android-smartphone-users-sophisticated-banking-trojan.html
|
