Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Security Strategy, Plan, Budget, Incident Response, TDR, Threat Management, Malware, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Malicious app BankMirage makes quick appearance in Google Play

It appears that saboteurs, who slipped a malicious app into the Google Play store, were testing their malware out on unsuspecting users, researchers found.

The malware, called BankMirage, masqueraded as a legitimate banking app for customers of Mizrahi Bank in Israel. After going undetected a few days in the official app store for Android users, however, researchers at security firm Lookout became privy to the scheme.

In a Tuesday blog post, the company revealed that they notified Google of the threat, and that the tech giant immediately removed the malicious app.

Once users downloaded BankMirage, it loaded an in-app login form designed to steal victims' user IDs, the blog post said.

In a Wednesday interview, Jeremy Linden, senior security product manager at Lookout, told SCMagazine.com that miscreants may have been experimenting with the malware's features– which could explain why users' passwords were not up for grabs.

“One possibility is they were testing [the malware] functionalities, and they were going to then add the actual malicious functionality,” Linden said.

He added that, in this instance, user IDs for the app were not email addresses, a scenario which may have presented an opportunity for future phishing attacks.

Lookout alerted Google of the malicious app last Thursday, Linden said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.