17 apps found stealing banking, email data, passwords and PINs under ‘DawDropper’ campaign

Apps like Just In: Video Motion, Document Scanner Pro, Simpli Cleaner, Unicc QR Scanner were found to be part of the malicious campaign.

A latest report by cybersecurity firm Trend Micro found a malicious campaign involving several apps in the second half of 2021. This was dubbed as “DawDropper”. Cyber attackers have been increasingly targeting people via apps that penetrate the Google Play Store via a technique called dropper which is proving to be effective in avoiding being detected.

How it infects devices


The dropper spread 4 kinds of banking trojans – Octo, Hydra, Ermac, and TeaBot – via its different variants. DawDroppe uses Octo, which can steal banking credentials, text messages and hijack devices. Historically, the same trojan was used against online banking customers in Colombia.

Photo: Trend Micro

How it hides and steals


The malware gains primary permissions and can keep the device awake without the owner knowing it. It will then schedule the collection of sensitive information which is then uploaded to its server. It can record user screens, take away banking data, emails, passwords and PINs, the company said. It can also avoid detection of the malicious attack by turning off the screen light and volume of the device. Furthermore, it can disable Google Play Protect.

#apps #stealing #banking #email #data #passwords #PINs #DawDropper #campaign

Leave a Comment

Your email address will not be published.