The team from Quick Heal Security Labs found that malware authors were misusing the official apps with trojan to steal users' banking credentials.
Photo for representational purpose. Picture Courtesy/iStock
Amid the surge in demand for oximeters in the lethal second Covid wave in India, security researchers have detected fake oximeter apps on Play Store.
ADVERTISEMENT
The team from Quick Heal Security Labs found that malware authors were misusing the official apps with trojan to steal users' banking credentials.
"Threat actors use reliable tools to deploy payload and third-party app stores for distribution of these fake apps," the researchers said in a statement.
Attackers primarily target the app stores, where both free and paid apps are available.
They use different tools like firebase or GitHub to deploy these fake apps and different app markets like QooApp, Huawei, etc. for effective publishing and distribution among a large base of users.
"While threat actors are always seeking opportunities to compromise users, it is extremely critical to stay alert at every point possible," the team said. They advised not to open links shared through messages or on social media platforms.
"Check for grammar errors in the app descriptions as attackers usually use the wrong English," they noted. Since reviews and ratings can also be fake, focus more on reviews with low ratings.
"Avoid approaching to third-party app stores for downloading apps or through links shared via SMSs, emails and WhatsApp. These avenues don't invest in security and hence make space for any type of app, including the infected ones," the researchers said.
This story has been sourced from a third party syndicated feed, agencies. Mid-day accepts no responsibility or liability for its dependability, trustworthiness, reliability and data of the text. Mid-day management/mid-day.com reserves the sole right to alter, delete or remove (without notice) the content in its absolute discretion for any reason whatsoever