This article warns users about Android banking trojans, a type of malware that steals online banking credentials and drains accounts.

Key points:

  • Prevalence: These trojans are disguised as legitimate apps and pose a serious threat to Android users, with Malwarebytes detecting over 88,500 in 2023 alone.
  • Deception: They often masquerade as everyday apps like fitness trackers or QR readers or productivity or photography tools, making them difficult to identify.
  • Permissions Requests: Once installed, they request permissions like accessing photos or files, but use them to steal login details.
  • Sneaky Tactics: Some even hide their app icon on the home screen and download additional malware later, bypassing Google Play’s security measures.
  • End Goal: Their ultimate aim is to steal your banking information and use it to make unauthorized money transfers.

The article emphasizes that vigilance is crucial, as these trojans are becoming increasingly sophisticated. It also references a recent Anatsa Trojan: https://www.techradar.com/pro/security/this-nasty-new-android-malware-can-easily-bypass-google-play-security-and-its-already-been-downloaded-thousands-of-times

  • LainTrain@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    1
    ·
    9 months ago

    But I thought the data storage even if not encrypted (which afaik is standard as well) is now isolated for each app? And surely accessibility permissions are a separate category you have to grant also?

    • Squire1039@lemm.eeOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      9 months ago

      Yeah, the app data are separated and inaccessible, unless specified by the developer. Accessibility service is a separate permission, and should almost never be asked or granted, where as file/photo accesses are more common.