PSA: Some Flashlight and Solitaire apps on Play Store can steal your Bank details

Bankbot malware apps

According to new research conducted by several security firms, several Flashlight and Solitaire apps found on the Google Play Store could be stealing your bank details. Scary, right? Well, it is, and even Google’s Play Protect scans couldn’t detect the malware.

The malware, known as BankBot, delivers malicious payload to the users device using a command & control server. Once the user downloads the affected app, the malware would wait a few hours before downloading the payload automatically, or if Unknown sources isn’t enabled, then it would ask the user permission to download the payload.

Read: Toastamigo malware affects Google Play Store

The download would appear as a Google Play or required update for the app, fooling the users. The BankBot malware is mainly targeted towards banking apps from WellsFargo, Chase, DiBa and Citibank. The malware could affect users anywhere in the US, Australia, Germany, Netherlands, France, Poland, Spain, Portugal, Turkey, Greece, Russia, Dominican Republic, Singapore and Philippines.

This new version of BankBot was discovered last month by the Avast team, with help from ESET and SfyLabs. Some of the affected apps include; Lamp for Darkness, Sea FlashLight, XDC Cleaner, Classic Solitaire, and Spider Solitaire. Don’t worry though, as these apps have now been removed from the Play Store. But, if you’ve got any of these installed on your phone, then we recommend you immediately remove them and contact your bank for suspicious activities.

As per the report, the malware was able to create a fake login page over the banking app, so it can capture login details. There are chances that hackers would release more apps that contain this malware, so you will have to be careful when downloading such apps.

How can you protect yourself from such malware? Well, make sure you are using authentic banking apps, turn on two-factor authentication if available, don’t download apps from unknown sources, read the permissions before accepting them, and do not give device administrator access to any such apps.

For an in-depth look at this malware, head to the source link. Have you been affected by this malware? Did you install any of the above stated apps on your device?
  • 915 Posts
Loves tech, cars, motorbikes, travelling and cranberry juice. Doesn't hate anything, neutral during an iOS vs Android or iPhone vs other Android phone battle. Email: