Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Network Security, Security Strategy, Plan, Budget, Vulnerability Management, Threat Management, Threat Management, Malware, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Trojan in app on Google Play shuttered

A variant of the malware family Acecard was detected in the Google Play store by researchers at Lookout.

The malware, hidden within a card-playing app called Black Jack Free, has been 86'd from the market and Lookout is advising those who downloaded it to remove it immediately and change passwords to sensitive accounts.

Black Jack Free allows users to play cards for free, using play money. However, the nefarious tool is working behind the scenes to siphon funds from victims' bank accounts. A secondary app imposes overlay windows on top of legitimate banking apps and other sites, including Facebook and Skype, to dupe users into keying in online credentials and PII.

The app can also intercept SMS messages, send them to a malware server, forward phone calls and then lock the device screen, wiping all user data from the device.

The app had been downloaded 5,000 times before it was deleted.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.