new Delhi. In this era of technology, the more convenience people have got, the more the risk of becoming fraud has also arisen. A malicious banking Trojan app specifically for Android phones has just surfaced. This money-stealing scam app was targeting banking apps, online wallets, insurance apps, crypto wallets and more to steal data and passwords. Once again, it will share access with hackers who will steal the victim’s money. The worst part about this online scam is that the app was found on Google Play Store and downloaded more than 10 thousand times by innocent users. It is called ‘QR Code & Barcode Scanner’ app and has since been banned from Google Play Store. Check out how this app Banned by Google Play Store was working. The scam came to light after a report by an online fraud management and prevention firm. In which it was emphasized that the Trojan malware released by the app named TeaBot came in early 2021. The Trojan was created to steal the ‘credentials and SMS’ of the users. The malware was very powerful and was designed in such a way that it was not easily visible.
How this scam app stole users’ money on Google Play Store
QR Code & Barcode – Scanner app itself was designed to provide certain benefits to the users and thus became quite popular. It worked as an advertisement, so it had generally positive reviews. Although the app looked genuine and it was easily an online scam app. Once downloaded, it will immediately request permission to download another app called QR Code Scanner: Add-on. Several Teabot malware samples were included in this app. Once installed, the Trojan will request approval to control the smartphone’s screen. Once this is done, it will detect the required information such as login details, SMS messages and two-factor authentication code. This magically requested permission to allow Teabot to record keyboard entries while providing easy access to much needed data. The report said that ‘the distributed app on the official Google Play Store only requests certain permissions and then the malicious app is downloaded. , The app was operating out of the Google Play Store and was generally developed over the past two years. Earlier, the Trojan was distributed through SMS-based phishing campaigns, where users were sent fake updates on the common app and once the users downloaded it, the Trojan would be installed. This money theft scam app was removed by Google, but it may still live on your smartphone. If you want to check if your smartphone has this app then you can visit this link and confirm. If you have it, delete it immediately. Along with this, in the coming time, never give permission to any such app which it does not need. One should always take some time to read the permissions it is requesting and if in doubt then immediately uninstall and report the app.
[Attribution to NBT]