Tech & Science Protect Your Banking Data From This New Android Threat

© Getty Image: Getty Images

A new malware threat has been found lurking in the depths of Google's Play Store and this time it's coming for your banking details. Here's what you need to know.

Researchers at Lookout, a mobile cybersecurity company, found a number of Android apps on the Google Play Store had been exploited by a vulnerability called Strandhogg.

The vulnerability allows hackers to pop an overlay over common apps in order to capture information entered. The affected apps could pretend to be your bank app, for example, and when you enter your banking details, it would capture your login credentials and use them to access your bank account. Lookout found 36 apps had been exploiting the vulnerability but did not name which ones specifically.

How to set an alarm on your Android phone or tablet in 4 simple steps

You can set an alarm on your Android device - as well as start a timer, use a stopwatch, and check the time around the world - through the built-in Clock app. When you set an alarm, you can customise its ringer noise, its snooze settings, and more.Visit Business Insider's homepage for more stories.It's a sad fact of life that on most days, we have to get out of bed earlier than we'd like. Luckily, nearly every device nowadays has some sort of alarm feature to keep you on schedule.This includes your Android phone and tablet, which comes pre-loaded with a Clock app that's reliable, easy to use, and very persuasive.

The vulnerability, and the malicious apps, have been reported to Google but the report explains they've found tangible evidence that the exploitation may have affected a number of users already.

Is it time to dispose of my Android device?

Before you calmly walk to the bin and dump your hot malware-ridden device in it, there's no need to be rash. While the researchers said it was not easy to tell whether your device had been affected, it did point to some key indications.

The following signs could indicate an app is affected:

• An app or service that you’re already logged into is asking for a login.
• Permission popups that does not contain an app name.
• Permissions asked from an app that shouldn’t require or need the permissions it asks for. For example, a calculator app asking for GPS permission.
• Typos and mistakes in the user interface.
• Buttons and links in the user interface that does nothing when clicked on.
• Back button does not work like expected.

As always, the best advice is prevention and being informed. It's best to only use trusted apps and check who the supplier is when downloading them from the Play Store. If there are typos or incorrect branding, it may not be the app you think you're downloading. Being mindful of what information you enter into an app is also important to be vigilant of. Unless it's your trusted banking app, it's probably not wise to chuck your details in anywhere.

While it certainly seems like a case of the Boy Who Cried Wolf, the constant stream of Android security alerts should never be dismissed lightly; especially when they come from cybersecurity professionals. Until the next malware alert, stay safe out there.

[Via Ars Technica]