New Octo Banking Trojan Spreading via Fake Apps on Google Play Store


A number of rogue Android apps that have been cumulatively installed from the official Google Play Store more than 50,000 times are being used to target banks and other financial entities.

"Coper malware apps are modular in design and include a multi-stage infection method and many defensive tactics to survive removal attempts," cybersecurity company Cyble noted in an analysis of the malware last month.

These apps, which pose as Play Store app installers, screen recording apps, and financial apps, are "powered by inventive distribution schemes," and are distributed through the Google Play store and via fraudulent landing pages that purportedly alert users to download a browser update.

On top of that, a new analysis published by AppCensus found 11 apps with more than 46 million installations that were implanted with a third-party SDK named Coelib that made it possible to capture clipboard content, GPS data, email addresses, phone numbers, and even the user's modem router MAC address and network SSID.