Despite all the measures taken by Google, infected Android applications continue to be hosted in the Play Store. More than 10 thousand Android users downloaded the virus-bearing application that emerged and was recently removed from the Google Play store. Thus, these ten thousand Android users were left alone with the virus threat.
In fact, the Google Play Store took action in this sense for the first time in a short time. Noticing the malicious application, Praedeo researchers sent the report about the application to Google. The biggest danger for now is Android users who have already downloaded the infected application.
Google Play Store takes action for infected Android app with Trojan horse
Infected Android applications, which have become one of the big problems since the early years of Android, continue to give headaches. The company, which produces mobile security solutions called Praedeo, encountered a new Android application containing a virus. The name and usage area of the application is one of the biggest risks. Accordingly, the application called 2FA Authenticator used the codes of the Aegis application, which provides double-sided authentication service.
Android users who installed the application thought that they encountered an application that performed a real double-sided authentication in this sense.
Permissions requested by the infected application named 2FA Authenticator
Unlike the Aegis application it copied, the application, which requests much more extensive permissions, activates a Trojan horse that easily infiltrates your device if it can access these permissions. Among the permissions requested by the application are quite dangerous permissions such as disabling the screen lock, accessing all networks, starting on top of other applications, working even in sleep mode.
It turns out that the app is running a malware called Vultur, which was discovered in March 2021. The malware, which tries to access banking and other financial information after its authorization, has been downloaded by more than 10 thousand Android users.
The threatening Android app imitates the Aegis app
Although the application remained on the Google Play Store for about two weeks on January 12, it reached a large user base. As you know, Google Play Protect applications scan for malware before downloading. However, reports emerged last year that this scan detected almost no malware.
A good antivirus scanning software is still one of the best solutions for the threat of infected Android apps. The other solution is not to go beyond the secure software you know, especially for critical services such as 2FA, which we call double-sided authentication.
40394
