A new set of malicious Android apps have been caught posing as app security scanners on the official Play Store to distribute a backdoor capable of gathering sensitive information.

“These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, yet instead of updating the app in question, they take full control of the device by abusing accessibility services,” cybersecurity firm McAfee said in an analysis published on Monday.

The apps in question were designed to target users in Brazil, Spain, and the U.S., with most of them accruing anywhere between 1,000 to 5,000 installs. Another app named DefenseScreen racked up 10,000 installs before it was removed from the Play Store last year.

First documented by Kaspersky in August 2019, BRATA (short for “Brazilian Remote Access Tool Android”) emerged as an Android malware with screen recording abilities before steadily morphing into a banking trojan.

SOURCE: The Hacker News