What's the oldest trick in the book to get people to do something they might not otherwise do? Pretend to be someone you are not. That's exactly what the Antidot banking trojan is doing. To lure Android users into downloading it, it's masquerading as a Google Play update application.
While it's generally recommended that you keep your phone and your apps up to date, you must be very vigilant when downloading an update and not fall for a fake update warning, which may come from cybercriminals like the ones behind Antidot.
Security researchers at Cyble (via Tom's Guide) first came across Antidot on May 6. It's a banking trojan, crafted to gain access to your financial accounts to steal funds.
Once you download the Google Play Update app, a fake update page with a "Continue" button is displayed on the screen. The page will use German, French, Spanish, Russian, Portuguese, Romanian, or English, depending on where you live.
If you tap on the button, you are taken to the Accessibility settings. Like many other banking trojans, Antidot is dependent on the Accessibility service to perform its intended activities. After permissions are granted, an ID is generated for your device.
The fake Google Play update app forces you to grant accessibility permissions to perform malicious activities.
The app also establishes a connection with the Command and Control (C&C) server and maintains a real-time, bidirectional interaction with it to carry out its operations.
It places a fake window on top of legitimate financial apps, which is what we call an overlay attack, to siphon off your credentials. This information can be used to gain access to your bank account or cryptocurrency apps.
It's also capable of keylogging, screen recording, call forwarding, copying contacts, reading your SMS messages, locking and unlocking your device, and sending USSD requests (quick codes for requesting services like balance inquiry).
In short, this malware is capable of taking full control of your Android device, and what makes it really dangerous is that it's good at hiding its presence.
So you might be having coffee on your couch, while this abomination of an app is silently sending your hard-earned money to its masters or reading those texts no one was supposed to read.
To avoid falling prey to such threats, only download apps from trusted sources, though that alone is not enough to keep you protected. You should also be careful when opening links sent to you by unknown or untrustworthy contacts and be wary of granting unnecessary permissions to apps.
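Antidot depends on the Accessibility service, and the advice above is to install only from trusted sources. As an added example (not from the article or from Cyble's report), this Python code cross-checks the enabled accessibility services against each package's installer, using saved `adb` output; the trusted-installer set, the function names and the sample package names are assumptions constructed for illustration.

```python
# Inputs are the saved text output of three adb commands:
#   adb shell settings get secure enabled_accessibility_services
#   adb shell pm list packages -i   (package plus installer)
#   adb shell pm list packages -s   (system packages only)
TRUSTED_INSTALLERS = {"com.android.vending"}  # assumption: only Google Play is trusted

def enabled_service_packages(settings_out):
    """Packages owning an enabled accessibility service ('pkg/class:pkg/class')."""
    text = settings_out.strip()
    if not text or text == "null":  # nothing is enabled
        return []
    pkgs = []
    for component in text.split(":"):
        pkg = component.split("/", 1)[0].strip()
        if pkg and pkg not in pkgs:
            pkgs.append(pkg)
    return pkgs

def parse_packages(pm_out):
    """Map package -> installer (None if absent or 'null') from 'pm list packages' lines."""
    result = {}
    for line in map(str.strip, pm_out.splitlines()):
        if line.startswith("package:"):
            name, _, installer = line[len("package:"):].partition("installer=")
            installer = installer.strip()
            result[name.strip()] = installer if installer not in ("", "null") else None
    return result

def audit(settings_out, pm_i_out, pm_s_out):
    """Enabled accessibility services that are neither system apps nor store-installed."""
    installers = parse_packages(pm_i_out)
    system = set(parse_packages(pm_s_out))
    return [(p, installers.get(p)) for p in enabled_service_packages(settings_out)
            if p not in system and installers.get(p) not in TRUSTED_INSTALLERS]

# Constructed sample data; com.example.playupdate is a placeholder, not a real indicator.
SAMPLE_SETTINGS = "com.google.android.marvin.talkback/.TalkBackService:com.example.playupdate/.Svc\n"
SAMPLE_PM_I = """package:com.google.android.marvin.talkback  installer=com.android.vending
package:com.example.playupdate  installer=null
package:com.android.settings  installer=null"""
SAMPLE_PM_S = "package:com.android.settings\n"

if __name__ == "__main__":
    for pkg, installer in audit(SAMPLE_SETTINGS, SAMPLE_PM_I, SAMPLE_PM_S):
        print(f"review: {pkg} (installer={installer})")
```

A flagged package is a prompt for manual review, not proof of infection: legitimately sideloaded accessibility tools will also appear.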
Anam Hamid is a computer scientist turned tech journalist who has a keen interest in the tech world, with a particular focus on smartphones and tablets. She has previously written for Android Headlines and has also been a ghostwriter for several tech and car publications. Anam is not a tech hoarder and believes in using her gadgets for as long as possible. She is concerned about smartphone addiction and its impact on future generations, but she also appreciates the convenience that phones have brought into our lives. Anam is excited about technological advancements like folding screens and under-display sensors, and she often wonders about the future of technology. She values the overall experience of a device more than its individual specs and admires companies that deliver durable, high-quality products. In her free time, Anam enjoys reading, scrolling through Reddit and Instagram, and occasionally refreshing her programming skills through tutorials.