An app called QR Code & Barcode Scanner app is said to have installed what is known as remoted access trojan (RAT) into the device of its victims. The said trojan is capable of stealing personal data such as passwords, messages, and more.
Specifically this kind of RAT is known as the TeaBot, whose return was reported by a security firm on Tuesday. The security firm also said that the QR Code & Barcode Scanner app has been installed more than 10,000 times already.
TeaBot is the latest addition to the list of malware that have infected countless Android devices via infected apps users have installed.
QR Code & Barcode Scanner App Contains Trojan That Steals Passwords, Messages
If you have downloaded an app called QR Code & Barcode Scanner, it is best if you delete it as soon as possible.
According to a report by Ars Technica, the app infects devices with a trojan that steals confidential data of its users. Unfortunately, as of press time, the app has already been installed more than 10,000 times.
Per the report, the malicious app has already been removed by Google from Google Play.
Specifically, the app is said to have spread a RAT known as TeaBot. Security firm Cleafy reported its return on Tuesday.
How the Malicious App was Able to Trick Users
According to Ars Technica, "The fraudulent scanner app distributed on Play was detected as malicious by only two antimalware services, and it requested only a few permissions at the time it was downloaded."
What also contributed to the app being able to masquerade as harmless are the reviews that talked about its legitimacy and how it worked well.
Users who have installed the QR Code & Barcode Scanner app have said to encountered a pop-up informing them of an update that can be installed.
However, Ars Technica reported that "the pop-up downloaded it from two specific GitHub repositories created by a user named feleanicusor." This paved the way for the installation of the TeaBot trojan.
Other Android Malware You Should Be Wary Of
TeaBot is the latest in the list of malware that have infected Android devices. It is also the latest example of malware that has been spread through the use of malicious apps.
Early this month, the existence of the BRATA Android trojan was reported here on iTech Post. This malware has the capacity of wiping both your bank accounts and your mobile phone clean.
Another Android trojan that users should be careful of is known as the Cynos trojan. According to a separate iTech Post report, this malware is known for collecting sensitive user data. It was reported that this trojan was able to infect an estimate of 9,300,000 Android devices last year.