Security News > 2022 > March > TeaBot malware slips back into Google Play Store to target US users

The TeaBot banking trojan was spotted once again in Google Play Store where it posed as a QR code app and spread to more than 10,000 devices.
The trojanized apps include the promised functionality, so user reviews on the Play Store are positive.
Fetching the TeaBot payload. The In february, researchers found that TeaBot posed as an app named 'QR Code & Barcode - Scanner', which appears as a legitimate QR code scanning utility.
In the versions that circulated the Play Store in January 2021, analyzed by Bitdefender, TeaBot exited if it detected victim location in the United States.
Now, TeaBot is actively targeting users in the U.S. and has also added Russian, Slovak, and Chinese languages, indicating that the malware is eyeing a global victim pool.
To minimize the chances of infection from banking trojans even when using the Play Store as your exclusive app source, keep the number of installed apps on your device at a minimum.
News URL
Related news
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- New North Korean Android spyware slips onto Google Play (source)
- Malicious Android 'Vapor' apps on Google Play installed 60 million times (source)