Threat actors are using a bogus but very real-looking Google Play Store page to fool Android users into downloading malware through phishing…
Unnamed malicious actors are running a new scam to deceive Android device owners. The campaign is spreading malware vis-à-vis a phony but genuine appearing Google Play Store page. It also involves phishing techniques, though exactly how the scheme is being run is yet unknown. However, it is successfully targeting millions of people and leaving numerous victims in its wake.
New Phishing Campaign Tricks Victims into Visiting a Fake Google Play Store to Deploy Malware
According to cybersecurity researchers from Cyble, cybercriminals have created a fake Google Play Store page, which is being used to target the millions of customers of Brazilian Itau Unibanco bank with a malicious mobile banking app. Potential victims are lead to the bogus web page — which looks nearly identical to the legitimate Google product — and prompts them to click an APK download button.
If the fake app is downloaded and run, it will try to open the actual Itau Unibanco app from the legitimate store, and use it to clear out the victim’s accounts. The app doesn’t even need any major permissions during installation, making it hard for antivirus and anti-malware tools to detect it.
Although the fake website has already been taken down, it’s still possible for another fraud to take its place. Anyone being directed to download an APK should avoid doing so, because this is a serious red flag.