Fake VLC And Kaspersky App Spread TeaBot Malware

Fake VLC And Kaspersky App Spread TeaBot Malware


Recently, it was revealed that a fake application called Kaspersky Free Antivirus had spread a Trojan while masquerading as the popular application Kaspersky Internet Security. Unfortunately, these aren't the only apps out there trying to spread malware through such tactics.

Related: Differences between viruses, worms, ransomware, trojans, bots, malware, spyware, etc.

Many third-party apps try to imitate popular apps to infect your phone and get your password. Some of the emulated apps include TeaTV, VLC MediaPlayer, Mobdro, DHL, UPS, and bpost. Popular banking apps like Bankia Wallet, BankinterMovil, BBVA Spain, Bankia, Openbank, Cajasur, and Ibercaja are also affected by this.

These apps require several permissions to install, including an accessibility service that allows them to keylogging and stealing Google Authenticator codes. These high-level permissions allow hackers to completely control the infected Android device remotely.

trojan infected apps

TeaBot and other Android-based trojans have the potential of stealing user credentials and wreaking havoc with account takeover fraud and identity theft within the banking system,” says Rajiv Pimplaskar, CRO, Veridium. “While currently, these Trojans appear to be localized within certain European countries, for the time being, such attacks can quickly spread regionally and across the globe.”

How to identify and save yourself from these trojan apps?

This app is available from third-party marketplaces, this app requires you to allow your device to download software from unknown sources.

While there is nothing wrong with downloading such an app, there is no telling which app might be hiding some malware.

In addition, these apps require permissions such as accessibility services, read phonebooks, read phone states, use device biometrics, change audio settings, show pop-ups on top of other apps, and delete other apps. So users should think twice before granting this permission to third-party apps.

The VLC media player is one of the most downloaded applications spreading at least 92% malware. Another Trojan called Flubot (also known as Cabassous) also interferes with this application, attacking users by sending spam messages.

Flubot trojan apps

Currently, the only way to identify this trojan is to get antivirus software for your device. This will help you detect trojan files early and help you get rid of this software.

Also Read:

Keywords: fake vlc, malware, teabot malware, kaspersky app, trojan horse