Security News > 2021 > December > Android banking trojan spreads via fake Google Play Store page
The actors have set up a page that looks very close to Android's official Google Play app store to trick visitors into thinking they are installing the app from a trustworthy service.
The malware pretends to be the official banking app for Itaú Unibanco and features the same icon as the legitimate app.
Google Play Store apps are installed through the store interface, never asking the user to download and install programs manually.
Researchers at Cyble analyzed the malware, finding that upon execution, it attempts to open the real Itaú app from the actual Play Store.
If you want to enjoy the convenience of mobile e-banking, make sure to install the app from the bank's official website or the Google Play Store.
Finally, regularly check and ensure that Google Play Protect is enabled on your Android device.
News URL
Related news
- New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)
- Google adds Android auto-reboot to block forensic data extractions (source)
- Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers (source)
- Google fixes actively exploited FreeType flaw on Android (source)
- Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android (source)
- Google’s Advanced Protection Now on Android (source)
- Google strengthens secure enterprise access from BYOD Android devices (source)