Android owners told to delete three popular apps that could be malware-infected clones – including Google Chrome --[Reported by Umva mag]

ANDROID owners have been urged to delete three malware-infected clone apps that are impersonating popular platforms like Google Chrome. The malware targets bank accounts, and can unlock extensive access to the victim’s personal information. AlamyIt’s important to note that the legitimate versions of these apps have not been compromised[/caption] GettyOcto2 has more advanced mechanisms than its predecessor, which makes it much harder to detect[/caption] It’s a new strain of Octo Android malware, dubbed Octo2, which has been spreading across Europe, according to cyber researchers at security firm ThreatFabric. ThreatFabric first detected Octo, a dangerous banking trojan, in April 2022. But it has since evolved. Octo2 has more advanced mechanisms than its predecessor, which makes it much harder to detect. It allows hackers to lock your devices screen from afar, mute sound, launch random apps at will and send malware-riddles text messages to your contacts. Perhaps the most worrying capability is that Octo2 can intercept SMS and push notifications from anyone. It means hackers can get hold of security codes sent over text to access precious accounts. Which apps are dangerous? The three apps Android owners should be wary of are Google Chrome, NordVPN and Europe Enterprise, which is believed to be used in targeted attacks. It’s important to note that the legitimate versions of these apps have not been compromised. The Google Chrome, NordVPN and Europe Enterprise apps on the Google Play store are safe to download – and keep installed on your device. Octo2 has not yet been spotted on Google Play. It’s believed infected versions of these apps are being distributed via third-party app stores, which Android users are largely told avoid. The Octo2 malware campaign is currently most prevalent in Italy, Poland, Moldova, and Hungary. However, the malware has previously facilitated attacks worldwide, including in the US, Canada, Australia, and the Middle East. Experts expect Octo2 campaigns will begin to appear in other regions soon. How to spot a dodgy app Detecting a malicious app before you hit the 'Download' button is easy when you know the signs. Follow this eight-point checklist when you’re downloading an app you’re unsure about: Check the reviews – be wary of both complaints and uniformly positive reviews by fake accounts. Look out for grammar mistakes – legitimate app developers won’t have typos or errors in their app descriptions. Check the number of downloads – avoid apps with only several thousand downloads, as it could be fake. Research the developer – do they have a good reputation? Or, are totally fake? Check the release date – a recent release date paired with a high number of downloads is usually bad news. Review the permission agreement – this agreement gives permission for the app to take bits of your data, and fake apps often ask for additional data that is not necessary. Check the update frequency – an app that is updated too frequently is usually indicative of security vulnerabilities. Check the icon – look closely, and don’t be deceived by distorted, lower-quality versions the icons from legitimate apps. All of this information will available in both Apple’s App Store and the Google Play Store.

Sep 25, 2024 - 15:31

Android owners told to delete three popular apps that could be malware-infected clones – including Google Chrome --[Reported by Umva mag]

ANDROID owners have been urged to delete three malware-infected clone apps that are impersonating popular platforms like Google Chrome.

The malware targets bank accounts, and can unlock extensive access to the victim’s personal information.

a person is holding a cell phone in their hands

It’s important to note that the legitimate versions of these apps have not been compromised[/caption]

a man in a green hoodie sits in front of two computer monitors

Octo2 has more advanced mechanisms than its predecessor, which makes it much harder to detect[/caption]

It’s a new strain of Octo Android malware, dubbed Octo2, which has been spreading across Europe, according to cyber researchers at security firm ThreatFabric.

ThreatFabric first detected Octo, a dangerous banking trojan, in April 2022.

But it has since evolved.

Octo2 has more advanced mechanisms than its predecessor, which makes it much harder to detect.

It allows hackers to lock your devices screen from afar, mute sound, launch random apps at will and send malware-riddles text messages to your contacts.

Perhaps the most worrying capability is that Octo2 can intercept SMS and push notifications from anyone.

It means hackers can get hold of security codes sent over text to access precious accounts.

Which apps are dangerous?

The three apps Android owners should be wary of are Google Chrome, NordVPN and Europe Enterprise, which is believed to be used in targeted attacks.

It’s important to note that the legitimate versions of these apps have not been compromised.

The Google Chrome, NordVPN and Europe Enterprise apps on the Google Play store are safe to download – and keep installed on your device.

Octo2 has not yet been spotted on Google Play.

It’s believed infected versions of these apps are being distributed via third-party app stores, which Android users are largely told avoid.

The Octo2 malware campaign is currently most prevalent in Italy, Poland, Moldova, and Hungary.

However, the malware has previously facilitated attacks worldwide, including in the US, Canada, Australia, and the Middle East.

Experts expect Octo2 campaigns will begin to appear in other regions soon.

How to spot a dodgy app

Detecting a malicious app before you hit the 'Download' button is easy when you know the signs.

Follow this eight-point checklist when you’re downloading an app you’re unsure about:

Check the reviews – be wary of both complaints and uniformly positive reviews by fake accounts.
Look out for grammar mistakes – legitimate app developers won’t have typos or errors in their app descriptions.
Check the number of downloads – avoid apps with only several thousand downloads, as it could be fake.
Research the developer – do they have a good reputation? Or, are totally fake?
Check the release date – a recent release date paired with a high number of downloads is usually bad news.
Review the permission agreement – this agreement gives permission for the app to take bits of your data, and fake apps often ask for additional data that is not necessary.
Check the update frequency – an app that is updated too frequently is usually indicative of security vulnerabilities.
Check the icon – look closely, and don’t be deceived by distorted, lower-quality versions the icons from legitimate apps.

All of this information will available in both Apple’s App Store and the Google Play Store.

The following news has been carefully analyzed, curated, and compiled by Umva Mag from a diverse range of people, sources, and reputable platforms. Our editorial team strives to ensure the accuracy and reliability of the information we provide. By combining insights from multiple perspectives, we aim to offer a well-rounded and comprehensive understanding of the events and stories that shape our world. Umva Mag values transparency, accountability, and journalistic integrity, ensuring that each piece of content is delivered with the utmost professionalism.