Fake bank apps on Google Play!

Another set of fake banking apps has found its way into the official Google Play store. Claiming to increase the credit card limit for users of three Indian banks, the malicious apps phish for credit card details and internet banking credentials using bogus forms. What’s even worse, the data stolen from the victims is leaked online, in plain text, via an exposed server.

The fake apps were uploaded to Google Play in June and July 2018 when ESET notified Google they were taken down, but by then they had been installed by hundreds of victims. The apps were uploaded under three different developer names, each impersonating a different Indian bank: however, all three apps can be traced back to a single attacker.

The information-stealing aspect of the operation is also very straightforward. The victim is presented with a form asking for names, credit card numbers, expiration dates and CVV. This is then submitted and the person is taken to another screen where he or she is asked for their banking login credentials. When the second form is submitted the person is told a “customer service executive” will soon be in contact.

More info in ESET report.