Daniel Dor

BankBot banking trojan got into Google Play again, this time embedded in a game called ‘Jewels Star Classic’.

Blog Post created by Daniel Dor Employee on Sep 26, 2017

"The dangerous Android banking trojan that we first informed about in the beginning of this year has found its way to Google Play again, now stealthier than ever.

Dubbed BankBot, the banking trojan has been evolving throughout the year, resurfacing in different versions both on and outside Google Play. The variant we discovered on Google Play on September 4, is the first one to successfully combine the recent steps of BankBot’s evolution: improved code obfuscation, a sophisticated payload dropping functionality, and a cunning infection mechanism abusing Android’s Accessibility Service." (welivesecurity, 2017)

For more info visit https://www.welivesecurity.com/2017/09/25/banking-trojan-returns-google-play/