ANDROID owners have been urged to delete three malware-infected clone apps that are impersonating popular platforms like Google Chrome.
The malware targets bank accounts, and can unlock extensive access to the victim’s personal information.
It’s a new strain of Octo Android malware, dubbed Octo2, which has been spreading across Europe, according to cyber researchers at security firm ThreatFabric.
ThreatFabric first detected Octo, a dangerous banking trojan, in April 2022.
But it has since evolved.
Octo2 has more advanced mechanisms than its predecessor, which makes it much harder to detect.
It allows hackers to lock your device’s screen from afar, mute sound, launch random apps at will and send malware-riddled text messages to your contacts.
Perhaps the most worrying capability is that Octo2 can intercept SMS and push notifications from anyone.
It means hackers can get hold of security codes sent over text to access precious accounts.
Which apps are dangerous?
The three apps Android owners should be wary of are clones posing as Google Chrome, NordVPN and Europe Enterprise, the last of which is believed to be used in targeted attacks.
It’s important to note that the legitimate versions of these apps have not been compromised.
The Google Chrome, NordVPN and Europe Enterprise apps on the Google Play store are safe to download – and keep installed on your device.
Octo2 has not yet been spotted on Google Play.
It’s believed infected versions of these apps are being distributed via third-party app stores, which Android users are largely told to avoid.
The Octo2 malware campaign is currently most prevalent in Italy, Poland, Moldova, and Hungary.
However, the malware has previously facilitated attacks worldwide, including in the US, Canada, Australia, and the Middle East.
Experts expect Octo2 campaigns will begin to appear in other regions soon.
How to spot a dodgy app
Detecting a malicious app before you hit the ‘Download’ button is easy when you know the signs.
Follow this eight-point checklist when you’re downloading an app you’re unsure about:
- Check the reviews – be wary of both complaints and uniformly positive reviews by fake accounts.
- Look out for grammar mistakes – legitimate app developers won’t have typos or errors in their app descriptions.
- Check the number of downloads – avoid apps with only several thousand downloads, as they could be fake.
- Research the developer – do they have a good reputation? Or are they totally fake?
- Check the release date – a recent release date paired with a high number of downloads is usually bad news.
- Review the permission agreement – this agreement gives permission for the app to take bits of your data, and fake apps often ask for additional data that is not necessary.
- Check the update frequency – an app that is updated too frequently is usually indicative of security vulnerabilities.
- Check the icon – look closely, and don’t be deceived by distorted, lower-quality versions of the icons from legitimate apps.
All of this information will be available in both Apple’s App Store and the Google Play Store.