Security firm Zscaler has identified a new threat involving over 90 malicious Android apps targeting banking services, which have been downloaded more than 5.5 million times from the Google Play Store.
Among these apps are titles such as "PDF Reader & File Manager" and "QR Reader & File Manager," each of which was downloaded over 70,000 times.
Initially, these apps appeared legitimate.
But these apps employed a sophisticated method to evade detection by containing no malicious code upon download, according to mobil.se.
The fraudulent activity began after installation when the apps downloaded additional code disguised as a legitimate update.
This code could then scan the phone for banking apps and device data, resulting in a manipulated login page that imitated the user's bank, aiming to steal login credentials.
Following the discovery, the affected apps were removed from the Google Play Store, but they may still be present on devices where they were previously downloaded.
According to Zscaler, these attacks primarily targeted users in the UK.
Individuals in the US, Germany, Spain, Finland, South Korea, and Singapore have also been affected.
