The number of Android devices, developers and applications is growing, making our lives even more convenient and connected. But there is also a dark side to the number of apps: malicious actors developing apps capable of stealing mobile banking credentials or even spying on unsuspecting users, ranging from simple phishing apps to much more advanced and stealthy threats. Such infiltrations are not just spread using social engineering or via alternative app stores, but also through Google Play, the official Android app store. As a result, dangerous malware, too, can be just a tap away. This presentation will give an overview of latest Android malware, focusing on banking malware and its go-to tricks and techniques. The talk will also include an analysis of a recently discovered family of Android banking malware that could make payments directly from the compromised device.
4. Malware on
Google Play
Fake apps1
Adware2
Hidden apps3
Phishing5
Clipper6
Cryptocurrency scams7
Spyware8
Government malware9
Adfraud4
Banking malware10
44. Banking malware - Anubis
Australia
Austria
Czechia
France
Germany
Hong Kong
Hungary
India
Israel
Italy
Japan
Kenya
Netherlands
New Zealand
Poland
Romania
Russia
Slovakia
Spain
Turkey
USA
United Kingdom
350+
47. Banking malware - Anubis
Month Number of apps Number of installs
January 2019 17 13,500+
February 2019 6 1,000+
March 2019 4 2,050+
April 2019 7 250+
55. How to stay safe
Install apps only from Google Play
Read other users review
Install official banking apps
Do not activate accessibility services
56. Conclusion
Android malware is rising (Improved functionality)
Inspired by Windows malware
Attackers got over Google Play security
Low security of your friends makes you vulnerable