Security News > 2022 > March > TeaBot malware slips back into Google Play Store to target US users
The TeaBot banking trojan was spotted once again in Google Play Store where it posed as a QR code app and spread to more than 10,000 devices.
The trojanized apps include the promised functionality, so user reviews on the Play Store are positive.
Fetching the TeaBot payload. The In february, researchers found that TeaBot posed as an app named 'QR Code & Barcode - Scanner', which appears as a legitimate QR code scanning utility.
In the versions that circulated the Play Store in January 2021, analyzed by Bitdefender, TeaBot exited if it detected victim location in the United States.
Now, TeaBot is actively targeting users in the U.S. and has also added Russian, Slovak, and Chinese languages, indicating that the malware is eyeing a global victim pool.
To minimize the chances of infection from banking trojans even when using the Play Store as your exclusive app source, keep the number of installed apps on your device at a minimum.
News URL
Related news
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- FBI wipes Chinese PlugX malware from over 4,000 US computers (source)
- FBI deletes Chinese PlugX malware from thousands of US computers (source)
- Fake Homebrew Google ads target Mac users with malware (source)
- Google blocked 2.36 million risky Android apps from Play Store in 2024 (source)
- Google Play, Apple App Store apps caught stealing crypto wallets (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)