Researchers have said that fully patched Android phones are being exploited by malicious software that is designed to drain the bank balance of the users who install it. The malicious apps under the garb of being genuine and legitimate apps are trusted by users. These apps then ask for permission from them to carry out sensitive tasks such as recording audio or video, taking photos, reading text messages or phishing login credentials. Users who choose to go ahead and click on ‘yes’ are then compromised, said a report.
According to Statista, such cases are most serious in versions 6 to 10, which amount to a total of 80 percent of android phones that are being used worldwide. The report also stated that a group of researchers also claimed that a total of 36 applications were found spoofing users. These apps also included variants of the BankBot banking Trojan and have been repeatedly found infiltrating the Google Play Store market.
This is the third time that BankBot has bypassed the vetting and security protocol of Google Play Store. It had entered the official Android marketplace in April. However, the report has also mentioned that a lookout representative from Google has denied the presence of any of the 36 apps on Google Play Store.