Google Play app turned out to steal Binance login data and banking apps

Google makes every effort to prevent malware from getting a chance on the Play Store. But there are some flaws in the net, as we see today. A new malware application has been discovered that steals sensitive data from unsuspecting users.

Security researcher Lukas Stefanko posted a video yesterday in which he showed how a malware application from the Google Play Store was capturing sensitive data. The application was in the Play Store under the name of Easy Rates Converter and facilitates the calculation of exchange rates. At the same time, it is designed to steal the connection codes of several legitimate applications.

Stolen Data

Stefanko states that the application was focused on CommBank, Google Play and Binance. The Easy Rates Converter app has not been well apprehended and, according to Stefanko, has been downloaded about five hundred times. For a user who downloads and installs the application, nothing seems to happen. The application can indeed simply convert the value of the currencies. But in the background, the application also downloads malware that looks like an update to Adobe Flash.

The malicious software then waits for its attack. For example, if a user opens Binance, the malware creates a fake activity taking control of the legitimate application. In this one, the user must enter data, which the malware then sends to the developers. In this way, the application could have access to different user accounts.

Protection of the Play Store

Google has since deleted the application of the Play Store. In this case, the damage, with five hundred downloads, is also included. But there are also known cases of malicious programs, such as ExpensiveWall, that have been downloaded over a million times. Although everything is done to prevent malware from entering the Play Store, Google can not prevent it.

This is partly because hackers and malware developers know exactly how the Play Store detects malware. By wrapping it up in an application or downloading it later, malware can sometimes get through the scans. This occurs in less than one percent of the apps in the Play Store, but there are more than 2.5 million. This means that thousands of applications infected with malware are still involved. For Google, it is therefore particularly difficult to find the latest applications.