Skip to main content
  1. Home
  2. Mobile
  3. News

Clone app that steals usernames spotted in Google Play Store

By
google-play-store
Image used with permission by copyright holder

A malicious cloned banking app has cast doubt on the security of the Google Play store. In a blog post, mobile security company Lookout announced that it uncovered malware that steals user credentials.

The cloned app, called BankMirage, targets customers of an Israeli financial institution called Mizrahi Bank. According to Lookout, the creators of the malware put a wrapper around the bank’s legitimate app and redistributed the clone in the Google Play Store. 

When a user opens the app, a login form is loaded and the app collects user IDs as credentials are being entered. Once the user ID has been stolen, the app displays a login failed message and directs users to reinstall the official Mizrahi Bank app from the Play Store. 

Related

Oddly, the creators of the cloned app only target user IDs, not passwords. In the code for the malware, the developers inserted a comment that directs the software to only collect user IDs.     

“Unfortunately, with an app that sneaks into the Google Play Store, it’s hard to use traditional means to protect yourself. For example, looking to see if this is a developer you trust, or making sure your phone has ‘Unknown sources’ is unchecked to prevent dropped or drive-by-download app installs,” the Lookout report reads.

“You can, however, go on some instincts. For example, if you see a duplicate of the app you’re trying to download, one might not be legitimate. You can otherwise keep yourself safe by installing an app-scanning security solution on your phone, such as Lookout.”

The discovery comes just days after researchers announced a major security flaw in the Google Play Store itself. The bug, which was unveiled by experts from Columbia University, affected secret keys in Play Store software. The researchers created an app called PlayDrone and found that developers stored secret keys in apps, which is said to be tantamount to writing the PIN number on ATM cards. The information can be used to steal user data from social networks like Facebook.  

Lookout has alerted Google to the BankMirage malware. The app has since been removed.

Editors’ Recommendations

Topics
Christian Brazil Bautista
Christian Brazil Bautista
Former Digital Trends Contributor
Christian Brazil Bautista is an experienced journalist who has been writing about technology and music for the past decade…
The 1Password Android app just got a huge upgrade
The 1Password Android app, side-by-side, showing the light and dark mode.

The 1Password password manager app for Android has just gotten a huge new update, which unlocks the use of passkeys through its app. Held by many as the future of secure authentication, passkeys are the next evolution of the password, and from today, you'll be able to use 1Password to create, manage, and unlock your accounts that use passkey authentication.

1Password is one of the world's most popular password managers, with over 700,000 passwords saved. But it clearly sees that the future is elsewhere, as it has been leading the charge on taking passkeys into the mainstream.

Read more
How to install the Google Play Store on an Amazon Fire tablet
The back of the Amazon Fire Max 11 tablet.

The Amazon Fire lineup is filled with affordable Android tablets. Offering plenty of functionality without the price tag associated with products from Samsung or Lenovo, Amazon's home-grown family of tablets is an easy recommendation for frugal shoppers. There's a bit of caveat to the lineup, however, as none of them come preinstalled with the Google Play Store.

Read more
How to use Google’s Gemini AI app on your Android phone
How to use Gemini on your Android.based device.

Google's collaboration AI tool, Bard, has changed its name and is now known as Gemini. The tool is also now available as an app on the Google Play Store, meaning it's easier than ever to chat with Google's AI assistant on your Android phone.

Read more