Bank account in danger: 100,000 users should delete apps immediately

Some apps bypass the safety precautions in the Google Play Store. They look inconspicuous, but there are dangerous Trojans behind it.

Munich/Dortmund-Many people do their banking business with their smartph1. To do this, download the apps from providers such as Sparkasse, Volksbank or N26. But these apps are not always what they are. Because cybercriminals are increasingly using the growing popularity of this form of banking for their purposes, reports

Bank account in danger: These apps should be deleted immediately from the smartphone

As the online magazine Textbook reports, the criminals use so-called dropper apps to install malware on smartphones. These apps can be downloaded from the Google Play Store as normal.

The user is also not suspicious because the app fulfills its purpose. Only when the dropper app prompted to an update and the user agrees will the malware be installed, for example Trojans, which pass on the account data stored on the smartphone to the criminals (more digital news at RF24).

The Dutch cybersecurity company Threat fabric reports in a blog post published in October 2022 by two large campaigns, in which five dropper apps are used to smuggle the Trojan Vulture and Shark bot on the smartphone.

Banking apps become a trap-up to 100,000 downloads in the Google Play Store

Threat fabric discovered Vulture in July 2021. The malware steals personal data via key logging. This means that the malware can read out the entries on the smartphone display, for example the password for the banking app, and forward to the criminals. The malware is even able to initiate a remote session and thus carry out actions on the devices.

Recently, Threat fabric found three new dropper apps for Vulture in the Google Play Store, which come to 1000 to 100,000 downloads. The following apps are:

My Finances Tracker or File Manager Small: Delete apps-Danger because of Trojans

It was not until early October 2022 that Threat fabric felt a new campaign with the Shark bot Trojan. The criminals use the apps for this:

Codices Fiscal aims at smartphone owners in Italy. The app, which has been downloaded over 100,000 times, serves to calculate the taxes. How cleverly the programmers proceed is shown by the fact that the app checks after opening whether the SIM card is registered in Italy.

If this is not the case, Shark bot is not downloaded. If, on the other hand, an Italian SIM card is recognized, a fake Google Play Store page is opened, through which the Trojan is installed instead of an update on the smartph1. The Shark bot then tries to get the data from banking apps on the smartphone.


The procedure is identical to the second app File Manager Small, Lite. However, the app aims at an international clientele, including users from Germany.

Safety in front of Trojans on the smartphone: The dangerous apps should be deleted immediately

The five apps have now been removed from the App Store, as previously other dangerous apps. If you have already installed them on the smartphones, you should delete them immediately. Only then is the risk of becoming a victim of a fraud.

Rubric list picture: © CAVAM Images/Imago

Leave a Reply

Your email address will not be published. Required fields are marked *