Checkpoint has issued an alert on its blog:  Dangerous Malware Dropper Found in 9 Utility Apps on Google’s Play Store. The new dropper – Clast82 – is being spread via 9 malicious Android apps on the official Google Play store, allowing attackers to obtain access to victims’ financial accounts and take full control of their mobile phone, while avoiding detection by Google Play Protect.  An expert with Approov offers perspective.  

Subscribe
Notify of
guest
1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
George McGregor
George McGregor , VP of Marketing
InfoSec Expert
March 15, 2021 10:36 am

<p>The malware’s ability to remain undetected demonstrates the importance of why a mobile security solution is needed. It is not enough to just scan the app during the evaluation period, as a malicious actor can, and will, change the application’s behavior using 3rd party tools. As the payload dropped by Clast82 does not originate from Google Play, the scanning of applications before submission to review would not actually prevent the installation of the malicious payload. A solution that monitors the device itself, constantly scanning network connections and behaviors by application would be able to detect such behavior.</p> <p> </p> <p>Innovations in mobile app API security are driving effective ways to prevent any replication, manipulation or imitation of a mobile app for nefarious purposes. Nothing other than a genuine untampered mobile app can access the API and this is constantly verified in real-time.</p>

Last edited 1 year ago by George McGregor
1
0
Would love your thoughts, please comment.x
()
x