Attention Android Users, Beware of Fake Google Update Emptying Your Bank Account

Android users, beware! Cyble researchers have raised the alarm about Antidot, a virus masquerading as a Google Play Store update that allows malicious actors to take control of your device remotely.

How does Antidot work? It starts with an email or SMS received by the target, instructing them to urgently update their Google Play. The message contains a link that redirects to a fake update page that looks quite credible, complete with the logo of the Mountain View firm. However, the victim ends up installing an APK file containing a dangerous Trojan horse. A new update page appears, leading the user to Android’s accessibility functions. If access is granted to the settings, the malware then gains full power.

Malicious actors can send messages or make calls, lock your screen, uninstall an application, or record what you type. But their real goal is to carry out an overlay attack. According to 01Net, they will overlay fake windows on top of your bank’s application, tricking you into entering your banking credentials while the hackers gain access. This threat is especially serious for French-speaking countries. Be cautious when accepting updates on your device and consider installing antivirus software.

Unfortunately, viruses designed to steal your banking credentials are prevalent on Android. Just a few weeks ago, we discussed Brokewell, a malicious software identified by cybersecurity firm ThreatFabric. This threat is significant for the banking sector as it allows attackers to remotely access all available assets through mobile banking services. Stay informed and protect your device against such threats.

To stay updated on the latest news from Presse-citron, follow us on Google News and WhatsApp. Don’t fall victim to these malicious attacks and safeguard your personal information. Stay safe!