This money-stealing scam app was BANNED by Google Play Store! Did you download it? DELETE
A money-stealing scam app was found to be downloaded more than 10,000 times from the Google Play Store. If you still have this app, you should delete it now!
A particularly malicious banking trojan app for Android phones has just been exposed. This money-stealing scam app was targeting banking apps, online wallets, insurance apps, crypto wallets and more to steal data and passwords. Once retrieved, it would share the access with the hackers, who would steal the victim's money. The scariest part about this online scaml is that the app was found on Google Play Store and was downloaded more than 10,000 times by innocent users. It is called ‘QR Code & Barcode – Scanner' app and it has since been banned from the Google Play Store. Read on to know how this app banned by Google Play Store was operating.
The incident came to light after a report by Cleafy, an online fraud management and prevention firm, which highlighted that the trojan malware released by the app called TeaBot emerged at the beginning of 2021. The trojan was designed to steal the victim's “credentials and SMS messages”. The malware was very intelligent and was created in a way that it could hide in plain sight.
How this scam app on Google Play Store stole money from users
The app QR Code & Barcode - Scanner itself was designed to provide some benefits to users and thus became quite popular. And, since it worked as advertised, it had generally positive reviews. But although the app looked genuine, it was really an online scam app. Once downloaded, it would immediately request permission to download a second app called QR Code Scanner: Add-On. This app included multiple Teabot malware samples.
Once installed, the trojan would request permission for controlling the smartphone's screen. Once it had that, it would fish out sensitive information such as login details, SMS messages and two-factor authentication codes. It also maliciously requested permissions to allow Teabot to record keyboard entries giving easy access to more sensitive data.
“Since the dropper application distributed on the official Google Play Store requests only a few permissions and the malicious app is downloaded at a later time, it is able to get confused among legitimate applications and it is almost undetectable by common antivirus solutions,” the report said.
The app had been operating out of Google Play Store and apparently evolved in the last two years. Earlier, the trojan was distributed through SMS-based phishing campaigns where users would be sent fake updates to common apps and once the victim downloaded it, the trojan would be planted. This money-stealing scam app was removed by Google, but you can still have it on your smartphone.
To find out if you have the app on your smartphone, you can visit this link and confirm. If you do have it, make sure to instantly delete it. Also, in future, never give any app permissions that it does not require. Always take a moment to read the permissions it is requesting, and if found to be suspicious, immediately uninstall and report the app.