Fake popular Android app versions found stealing credentials

A recent report showed that users' credentials are being stolen by malicious Android apps using phishing URLs mimicking well-known services that include Facebook, GitHub, Instagram, LinkedIn, Microsoft, Netflix, PayPal, Proton Mail, Snapchat, Tumblr, X, WordPress, and Yahoo, though it is unclear what the campaign's distribution vector is, reports The Hacker News.

The rogue app, once installed in the phones of the users, will request permissions to be granted and once these permissions are approved the rogue app can gain control of the device, allowing it to carry out actions such as data theft or malware deployment without the knowledge of its victims.

Symantec has already warned that a social engineering campaign uses WhatsApp as a delivery vector to spread a new Android malware that poses as a defense-related application. In Finland last week, it was revealed by the country's National Cyber Security Centre that banking data is being stolen through smishing messages instructing users to Android malware, according to The Hacker News.