Security News > 2022 > March > TeaBot malware slips back into Google Play Store to target US users
The TeaBot banking trojan was spotted once again in Google Play Store where it posed as a QR code app and spread to more than 10,000 devices.
The trojanized apps include the promised functionality, so user reviews on the Play Store are positive.
Fetching the TeaBot payload. The In february, researchers found that TeaBot posed as an app named 'QR Code & Barcode - Scanner', which appears as a legitimate QR code scanning utility.
In the versions that circulated the Play Store in January 2021, analyzed by Bitdefender, TeaBot exited if it detected victim location in the United States.
Now, TeaBot is actively targeting users in the U.S. and has also added Russian, Slovak, and Chinese languages, indicating that the malware is eyeing a global victim pool.
To minimize the chances of infection from banking trojans even when using the Play Store as your exclusive app source, keep the number of installed apps on your device at a minimum.