Users being tricked into installing malicious bank account apps! Know 4 ways to stay safe | How-to
Home How To Users being tricked into installing malicious bank account apps! Know 4 ways to stay safe

Users being tricked into installing malicious bank account apps! Know 4 ways to stay safe

After Google Play Store launched a crackdown, cybercriminals have turned their attention elsewhere and are now exploiting WebAPKs to trick users into installing malicious apps.

By: HT TECH
| Updated on: Jul 18 2023, 11:26 IST
Icon
5 amazing animation apps that will give you awesome content to impress your manager
Android smartphone
1/5 Prisma 3D:Prisma is a mobile photo-editing application that employs the power of neural networks and artificial intelligence to seamlessly apply artistic effects, thereby transforming ordinary images into captivating works of art. (Prisma 3D/ Playstore)
image caption
2/5 TweenCraft:It is  a user-friendly cartoon video maker application, designed specifically for Android devices. With its intuitive features, users can effortlessly breathe life into their stories through basic animation and voice modulation functionalities. The app offers  a distinct interface that offers a wide selection of backgrounds, empowering users to create personalized stories of their choosing.  (TweenCraft/ Playstore)
image caption
3/5 Renderforest:Renderforest is an online animation and video creation platform that offers a wide range of customizable templates for creating professional-looking animations, explainer videos, promotional videos, and more.   (Renderforest/ Playstore)
image caption
4/5 ToonMe: It is a photo editing app that effortlessly turns your pictures into animated characters with just a few simple taps. This app is accessible for free on both iOS and Android platforms, allowing users to easily download and enjoy its features.  (ToonMe/ Playstore)
image caption
5/5 FlipaClip: This app empowers users to create impressive animations directly on their smartphones or tablets. With its intuitive interface and lightweight design, this app operates like a virtual flipbook, allowing users to draw on individual pages and flip through them to witness captivating motion. Whether you're a novice or an experienced animator, FlipaClip offers a wide range of features that enable the creation of stunning animations.   (FlipaClip/ Playstore)
Android smartphone
icon View all Images
Victims are being tricked into installing apps, not through the Google Play Store, but through WebAPKs. (Pexels)

Google Play Store has over 2.5 million apps for any and all tasks imaginable under the Sun. However, there have been numerous instances where Android users have downloaded apps from the Play Store and their devices got infected with malware. While Google's Play Protect screens apps before they get onto the platform, some of them can slip through. To protect its users against malware, Google recently announced measures such as the requirement of a valid D-U-N-S (Data Universal Number System) number to submit new apps.

This has forced cybercriminals to think of new ways of duping victims, and a recent campaign has been discovered where they forced victims into installing apps not through the Google Play Store, but through WebAPKs.

According to a report by HackerNews, security researchers at the Polish Financial Supervision Authority's Computer Security Incident Response Team (CSIRT KNF) have revealed that cybercriminals have been exploiting WebAPKs and tricking users into installing malicious apps.

How does it work?

As per the report, hackers send fake messages to victims, telling them to update the banking apps on their phones. The message also contains a link to an external website that uses WebAPK technology to install malicious apps onto the device. The fake banking app used in this campaign was PKO Bank Polski, a Polish multinational bank and financial services company.

The app asked users to enter their credentials and the 2FA authentication code and this allowed hackers to empty the victim's bank account. The report further states that WebAPKs are particularly hard to track since they have a different package name and checksum on every device.

How do hackers exploit WebAPKs?

Like sideloading APKs, WebAPKs also allow users to install apps through the web browser. According to Google, “When a user installs a PWA from Google Chrome and a WebAPK is used, the minting server “mints” (packages” and signs an APK for the PWA.” That means the package automatically gets signed by the provider and does not trigger any security flag. Although it is a quite time taking process, the WebAPK silently gets installed onto the device.

In a statement, CSIRT KNF said, “They are dynamically built by the Chrome engine, which makes the use of this data as Indicators of Compromise (IoC) difficult.”

How to protect yourself against such attacks?

1. Only install apps from official sources such as the Google Play Store.

2. Never download any apps from third-party app stores.

3. Do not open any links from any of the text messages you receive. Banks never ask customers to install any app from a given link.

4. Install antivirus and antimalware software on your smartphone to keep it safe from any potential threat.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 18 Jul, 11:25 IST
Trending: how to restore deleted whatsapp chats: a step-by-step guide play garena free fire like a pro! get 100% headshot accuracy with this one trick garena free fire redeem codes for may 1: new day, new rewards and a chance to do even better! how to get microsoft word, excel and powerpoint for free save all your whatsapp group contacts at once! here's the hack this secret whatsapp trick will let you chat with those who blocked you how to restore deleted whatsapp photos: 4 tips and tricks how to port your jio, vi or bsnl number to airtel run two whatsapp accounts on your android smartphone; here is how how to send telegram secret messages: check out the secret chat feature
NEXT ARTICLE BEGINS

Tips & Tricks

iPhone travel hacks
iPhone tips: 6 useful features in iOS 17 to try during your next foreign vacation
Samsung_Galaxy_M55_5G_10_things_to_know_about_this
Samsung Galaxy M55 5G: 10 things to know about this mid-range smartphone
ash-lab-wuK7M2xH3WU-unsplash
iPhone 15 hidden features: How to take a passport photo on iPhone- 5 steps
Slide_1
5 films to watch on YouTube that are shot entirely on iPhone 15 Pro Max
GTA5_EIGHT
GTA Online: From competing in races to having a party, 7 things to do if you are bored

Editor’s Pick

OnePlus Nord CE 4 Review
OnePlus Nord CE 4 Review: No nonsense smartphone under 25,000
Lok Sabha election 2024: How to find the location of your polling booth online with mobile number
Lok Sabha election 2024: How to find the location of your polling booth online with mobile number
Atomberg fan: What is BLDC tech? Top 5 Atomberg ceiling fans with best price
Best Atomberg ceiling fans (2024) for your modern home: BLDC tech, high speed, saves power bills
iPhone 16 vs iPhone 15
iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
LG Artcool AC launched
LG Artcool AC launched: Here are the latest LG air conditioner models in 2024 and all top features explained

Trending Stories

iPhone 16 vs iPhone 15
iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
iPhones
iPhone discounts: Best deals on iPhone 13, 14, and 15 [April 2024]
Samsung Galaxy Unpacked event date tipped
Samsung Galaxy Unpacked event date tipped: From Galaxy Z Fold 6 to Galaxy Ring, know what’s coming
Apple's May event
iPad Air 2024 may skip mini-LED display- Here's what to expect from Apple Event on May 7
GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
keep up with tech

Gaming

Garena Free Fire MAX redeem codes for May 1
Garena Free Fire MAX Redeem Codes for May 1: Faded Wheel brings Golden Fist backpack
Garena Free Fire Redeem Codes for May 1
Garena Free Fire Redeem Codes for May 1: Useful tips to become a pro player and win every match
Free Fire redeem codes for April 30.
Garena Free Fire Redeem Codes for April 30: Smart tips to win battlefield with ease
Sony PS5 Slim price drop announced as part of Summer Sale
Sony PS5 Slim price drop announced as part of Summer Sale; Check offers, price and more
Garena Free Fire MAX redeem codes for April 29
Garena Free Fire MAX Redeem Codes for April 29: Byte Bugbear Bundle coming soon

Best Deals For You

GTA 5 ‘James Bond Trevor’ DLC cancelled: Voice actor speaks out
GTA 5 ‘James Bond Trevor’ DLC cancelled: Voice actor speaks out
Unbeatable Launch Offer
Redmi Buds 5 launched in India with AI Voice Enhancement; Check features, price and more
iPhone activations plummet by 33% in the US as Apple loses ground against Android devices
iPhone activations plummet by 33% in the US as Apple loses ground against Android devices
Samsung Galaxy S23 Ultra
Price drop alert! Samsung Galaxy S23 Ultra 5G now at an unbeatable discount on Amazon!
OnePlus Nord CE 4 Review
OnePlus Nord CE 4 Review: No nonsense smartphone under 25,000

    Trending News

    iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
    iPhone 16 vs iPhone 15
    iPhone discounts: Best deals on iPhone 13, 14, and 15 [April 2024]
    iPhones
    Samsung Galaxy Unpacked event date tipped: From Galaxy Z Fold 6 to Galaxy Ring, know what’s coming
    Samsung Galaxy Unpacked event date tipped
    iPad Air 2024 may skip mini-LED display- Here's what to expect from Apple Event on May 7
    Apple's May event
    GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
    GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean

    Trending Gadgets

    Mobiles Laptops Tablets