Bankbot malware is on the attack again!  Once again, this data-stealer has managed to get past the safeguards of the Google Play store and onto phones disguised as a legitimate-looking app.  Security Researchers at ESET were the first to discover it.

This time out it was hidden in a game called Jewels Star Classic.  It was available in the Play Store between August 26 and September 7.

jewel-star-classic.jpg

Once you play the game, the malware waits about half an hour and then installs Bankbot. Users are tricked with an alert that says they need to enable a Google service.

enable-services-scam

That’s when it gets to work and starts watching your every move to steal your banking information.  It even turns into your default texting app. If your device is infected, you’ll see a pop-up asking for credit card info when you open the Google Play store. The hackers will then steal your information.

If you downloaded this game, you’ll want to remove it immediately.  Your best bet will be to factory reset your phone to get rid of anything it might have installed.  Make sure to change your passwords and notify your bank as well.