Sneaky BankBot trojan skims UK banking apps through Google Play

Sneaky BankBot trojan skims UK banking apps through Google Play

Cybersecurity experts are warning Android users of a BankBot trojan malware live inside hundreds of Google Play apps that could steal their online banking passwords and log-ins.

The BankBot trojan sneaks onto phones by infiltrating legitimate apps, gains administrative privileges and then hides itself by removing its shortcut from the home screen.

Once installed it can send and intercept texts, obtain contact list phone numbers, track device location through the GPS and can request additional privileges to do things such as make phone calls.

On top of these, the malware steals confidential user information by tracking the launch of online banking apps and payment system software.

So far, this malware has infected more than 400 apps, making it extremely difficult to combat.

Mr Capps suggests banks could offer customers more robust account protection that includes a suite of authentication technologies that could go beyond simply asking for username and passwords.

Explaining further, he said: “These new solutions authenticate users based on their online behaviours, methods that are extremely resistant to impersonation, don’t rely on credential data and can even provide banks with options to upgrade user experiences for trusted, good customers.”

“These technologies are going to defeat Trojans and malware by making the credentials and payment card details the fraudsters go after obsolete. I’d love to get to the point that fraudsters are holding a bag of nothing, because that is where these new technologies are taking us.”

Banking apps are now a fact of life. Most high-street banks and building societies in the UK offer their own apps for customers, including Barclays, HSBC, Lloyds, Nationwide, Natwest and Santander.

How to stay safe

  • Install a good antivirus app that can detect and block such malware before it can infect the device and always keep the app up-to-date.
  • Stick to trusted sources wherever you can, such as Google Play Store and the Apple App Store, and verify app permissions before installing apps. If you think an app is asking for more than what it is meant for, just do not install it.
  • Do not download apps from third-party sources. Although in this case, the app is being distributed through the official Play Store, most often such malware is distributed via untrusted third-party app stores. And Google Play is still the safest place to download apps.
  • Avoid unknown and unsecured WiFi hotspots and keep your WiFi turned off when not in use.
  • Be careful which apps you give administrative rights to. Admin rights are powerful and can give an app full control of your device.
  • Never click on links in SMS or MMS sent to your mobile phone. Even if the email looks legit, go directly to the website of origin and verify any possible updates.



A veteran freelance journalist writing extensively on internet news and cybersecurity.
Back To Top