17 innocent-looking Android apps are stealing banking credentials — delete them before you're next

Getty Images/cyano66
(Image credit: Getty Images/cyano66)

Your banking credentials aren't safe, according to Trend Micro research, especially if you have one of the malware-infested apps they've discovered in their cybersecurity report. These Google Play Store apps appear to be innocuous, but they are injected with banking trojans and behind users' backs, they're collecting sensitive information, including banking details, passwords, emails, texts, and more.

The Trend Micro investigators dubbed this malware campaign "DawDropper." Fortunately, the trojan-packed apps have been removed from the Google Play Store, but that doesn't automatically remove them from users' phones. Check out the following 17 blacklisted apps and make sure they're not on your device.


DawDropper Google Play Store apps (Image credit: Trend Micro)

Interestingly, many of the infected apps were masquerading as "cleaners," photo and video editors, QR code and document scanners, VPNs and call recorders. The apps in the DawDropper campaign were caught installing four types of banking trojan variants, including Octo, Hydra, Ermac and TeaBot. 

To illuminate DawDropper's spine-tingling capabilities, Trend Micro delved into how the banking trojan Octo operates. Once it's successfully installed on a victim's phone and nabs primary permissions, Octo keeps the device awake and registers a scheduled service to upload sensitive info to the cybercriminal's server.

"It also uses virtual network computing (VNC) to record a user's screen, including sensitive information such as banking credentials, email addresses and passwords, and PINs," the researchers said. To make matters worse, Octo causes the victim's device to turn black by switching off its backlight. It also mutes the phone to hide malicious behavior. Yikes!

How can you protect yourself from future DawDropper malware campaigns? Trend Micro advises Android users to check app reviews before downloading; users typically voice concerns and complaints about malware-infested apps. Be sure to look into the app developers and publishers; avoid installing apps from unfamiliar sources.

Kimberly Gedeon

Kimberly Gedeon, holding a Master's degree in International Journalism, launched her career as a journalist for MadameNoire's business beat in 2013. She loved translating stuffy stories about the economy, personal finance and investing into digestible, easy-to-understand, entertaining stories for young women of color. During her time on the business beat, she discovered her passion for tech as she dove into articles about tech entrepreneurship, the Consumer Electronics Show (CES) and the latest tablets. After eight years of freelancing, dabbling in a myriad of beats, she's finally found a home at Laptop Mag that accepts her as the crypto-addicted, virtual reality-loving, investing-focused, tech-fascinated nerd she is. Woot!