Enlarge (credit score: Getty Photos)
A malicious app downloaded from Google Play greater than 10,000 occasions surreptitiously put in a distant entry trojan that stole customers’ passwords, textual content messages, and different confidential information, a safety agency reported.
The trojan, which works below the names TeaBot and Anatsa, got here to gentle final Could. It used streaming software program and abused Android’s accessibility providers in a method that allowed the malware creators to remotely view the screens of contaminated units and work together with the operations the units carried out. On the time, TeaBot was programmed to steal information from a predefined record of apps from about 60 banks all over the world.
On Tuesday, safety agency Cleafy reported that TeaBot was again. This time, the trojan unfold via a malicious app known as QR Code & Barcode Scanner, which because the identify instructed, allowed customers to work together with QR codes and barcodes. The app had greater than 10,000 installations earlier than Cleafy researchers notified Google of the fraudulent exercise and Google eliminated it.
Learn 7 remaining paragraphs | Feedback
