Banking Trojans are the order of the day and continue to grow exponentially. With this concept we refer to all types of malware whose purpose is to steal the banking data of its victims, for this it uses social engineering mechanisms so that its users feel the need to execute it.
On this occasion, cybercriminals have taken advantage of the popularity of applications available on Google Play to develop a malicious application. The main problem is that it is very easy to download it without knowing its content, since it is at the top of the list of applications available in this Google service.
A PDF editor that locks in malware
The appearance of this new banking Trojan is that of an application developed to edit PDFs easily and quickly. It is known as the name PDF+ and has already been removed from the app store by Google Play developers. However, this removal occurred a few hours ago, when more than 10,000 users had already downloaded the file to their mobile phones.Through this installation, the victims endangered both their devices and their personal and banking data.
When starting the download, the user does not perceive anything at first glance that could reveal that the application contains this type of Trojan. It even had a 38 review score and a fairly believable description.This description, however, was copied verbatim from the verified app PDF Expert on the App Store.
When the download finished is when the problems started. To start, the application asks the user for permission to install an update and an APK file of Flash Player, which does not have official support on Android in the year 2012. Any user not familiar with this type of application could follow the process naturally, without suspecting that they are actually installing this type of virus on their devices. By then, the banking Trojan will already be embedded in your phone and will be able to steal all your personal and financial data.
This permission is due to the fact that the user has given full access to functions such as screen control, or other types of actions that are carried out completely autonomously. In this way, cybercriminals can even have access to contacts, SMS, data or any type of information, sensitive or not, stored on the device. In addition, gaining this full access to the victim’s mobile phone makes it difficult in any way to uninstall it from the phone.
Cybersecurity experts recommend installing only official applications and verifying their origin, so that we avoid installing this type of malware to protect our personal data.