Security News > 2022 > March > TeaBot malware slips back into Google Play Store to target US users
The TeaBot banking trojan was spotted once again in Google Play Store where it posed as a QR code app and spread to more than 10,000 devices.
The trojanized apps include the promised functionality, so user reviews on the Play Store are positive.
Fetching the TeaBot payload. The In february, researchers found that TeaBot posed as an app named 'QR Code & Barcode - Scanner', which appears as a legitimate QR code scanning utility.
In the versions that circulated the Play Store in January 2021, analyzed by Bitdefender, TeaBot exited if it detected victim location in the United States.
Now, TeaBot is actively targeting users in the U.S. and has also added Russian, Slovak, and Chinese languages, indicating that the malware is eyeing a global victim pool.
To minimize the chances of infection from banking trojans even when using the Play Store as your exclusive app source, keep the number of installed apps on your device at a minimum.
News URL
Related news
- Android 15, Google Play get new anti-malware and anti-fraud features (source)
- Android 15, Google Play Protect get new anti-malware and anti-fraud features (source)
- 96% of US hospital websites share visitor info with Meta, Google, data brokers (source)
- Google ad impersonates Whales Market to push wallet drainer malware (source)
- Google rejected 2.28 million risky Android apps from Play store in 2023 (source)
- Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 (source)
- Google blocked 2.3M apps from Play Store last year for breaking the G law (source)
- Over 90 malicious Android apps with 5.5M installs found on Google Play (source)