Google Play app downloaded more than 10,000 times contained data-stealing RAT

Extreme close-up photograph of a Google Play giftcard.

Enlarge (credit: Getty Images)

last May. It used streaming software and abused Android’s accessibility services in a way that allowed the malware creators to remotely view the screens of infected devices and interact with the operations the devices carried out. At the time, TeaBot was programmed to steal data from a predefined list of apps from about 60 banks around the world.

On Tuesday, security firm Cleafy reported that TeaBot was back. This time, the trojan spread through a malicious app called QR Code & Barcode Scanner, which as the name suggests, allowed users to interact with QR codes and barcodes. The app had more than 10,000 installations before Cleafy researchers notified Google of the fraudulent activity and Google removed it.

Read 7 remaining paragraphs | Comments