Popular banking Trojans are again roaming Google Play. Hiddad and Andreed viruses impersonate recognizable games and encourage even the youngest to install them. Malware can even wipe our accounts.
Android smartphone users should be especially careful about what they install. Recently, a new wave of hacker attacks has begun. Fraudsters impersonate mobile games and steal their victims’ money.
Banking Trojan instead of a game – watch out for Google Play
As experts from the Czech branch of the security company ESET warn, hackers have again begun to widely use the Hiddad banking Trojan. The virus gained particular popularity in 2022, and now it is expected to return like a boomerang.
In ongoing campaigns, criminals are embedding malware into games resembling the wildly popular Minecraft. However, the matter is a bit complicated. For example, the Google Play store includes Block Sun Earth by Trending Games Global – it is a legal product and an actual game in the style of Microsoft’s hit, which is supported by (numerous) advertisements.
However, hackers impersonate Block Sun Earth, publishing games with similar-sounding or even identical titles with the Hiddad or Andreed Trojan included in the package. This way, people looking for a given game may stumble upon an imitation and infect their device.
Another example of fraud is fakes of the game “My Singing Monsters Composer”. It is usually a paid title for PLN 19.99. However, there are free fakes circulating on Google Play – again with a similar name and appearance. However, these are already infected with the dangerous Andreed virus. In this way, even tens of thousands of smartphones could have been taken over.
Trojans targeting young players
Experts warn that these campaigns appear to be aimed at younger people, who may be less cautious and aware than adults. Even fake games can be cleverly hidden in the app store, with good ratings and a large number of positive comments. However, these may be issued by online bots.
Analyst Martin Jirkal from ESET warns that not every fake game contains banking Trojans, but clones of popular applications are usually created to make money. Some of them contain “only” adware, i.e. software that displays an often absurd number of mobile ads in order to generate profit for the authors.
As a general rule, we should not install games of questionable origin and keep an eye on what software our children install on their or our phones. It should also be a definite red flag when a paid title suddenly becomes available for free. There’s probably a catch hidden there.