Security News > 2022 > July > Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware

A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users' devices with banking malware.

These 17 dropper apps, collectively dubbed DawDropper by Trend Micro, masqueraded as productivity and utility apps such as document scanners, QR code readers, VPN services, and call recorders, among others.

Droppers are apps designed to sneak past Google's Play Store security checks, following which they are used to download more potent and intrusive malware on a device, in this case, Octo, Hydra, Ermac, and TeaBot.

The list of malicious apps previously available from the app store is below -.

Included among the droppers is an app named "Unicc QR Scanner" that was previously flagged by Zscaler earlier this month as distributing the Coper banking trojan, a variant of the Exobot mobile malware.

"Additionally, because there is a high demand for novel ways to distribute mobile malware, several malicious actors claim that their droppers could help other cybercriminals disseminate their malware on Google Play Store, resulting in a dropper-as-a-service model."

News URL

https://thehackernews.com/2022/07/over-dozen-android-apps-on-google-play.html