As it has been known in the last few hours, the popular Android application store has been distributing BankBot malware for the third time this year. The first time this banking malware appeared was in the month of April, being quickly removed by the Internet giant. Later, in September, we read again that BankBot had managed to sneak back into the app store. Now, we know that the malware has returned to get it and has skipped all security measures for the third time.
How can Google get the same malware three times in a year?
We can understand that a new malware gets to skip the security measures once, but it is difficult to explain that it does it three times in such a short space of time. In this case, BankBot is a malware designed to steal bank access credentials. Its way of acting is simple and tries to trick the user into providing this data by showing him/her false versions of his/her bank’s application or of the web page of access to the private area of his/her bank. In this case, it only works if the banks are “known” by the malware. In addition, if the user uses text messages as a double authentication system, the malware also has the ability to intercept them and read their content. The latest version of BankBot has been discovered by RiskIQ in the Google Play Store camouflaged within an application called Cryptocurrencies market prices.
The application is used to buy the price of cryptocurrencies such as Bitcoin or Ethereum, but in reality, in the background, it carries out everything related to the theft of bank access credentials. Undoubtedly, we can suspect this when checking the permissions that it asks for just after installing it, such as the ability to send and receive messages. Luckily, the tech giant Google has already removed the application from the Play Store, although it had been downloaded more than 100 times. The Internet giant insists that it keeps the vast majority of the 1.4 billion Android users safe from malware, but it is unforgivable that it sneaks up to three times in the same year. So, what do you think about this? Simply share your views and thoughts in the comment section below.