We put a huge amount of trust in Google to protect us as we use the Play Store on a day-to-day basis. That is, we expect them to be able to keep out malware and Trojans from the apps we download for our use. But we have to realize that this is an ongoing battle, and sometimes the malicious hackers win.
Internet security outfit Avast working together with ESET and SfyLabs have discovered a Trojan that they are now calling “BankBot“, which they are describing as “a piece of mobile banking malware that has snuck into Google Play on numerous occasions this year, targeting apps of large banks including WellsFargo, Chase, DiBa and Citibank and their users in the U.S., Australia, Germany, Netherlands, France, Poland, Spain, Portugal, Turkey, Greece, Russia, Dominican Republic, Singapore and Philippines.”
This version of BankBot hides itself in normal day-to-day apps such as flashlight apps, solitaire games, and cleaner apps. Google has previously removed BankBot-infected apps within days of appearing in the Play Store, but Avast has reported versions of BankBot still in the Play Store as of November 17.
So if you are a customer of the said banks, better be safe than sorry. Make sure you are installing only apps that you know to be legit. For more information regarding the malware, check out the source link below.