Flashlight App Steal
Data:
Recently, a flashlight app for Android smartphones was launched. This
is an app stealing data of smartphone owner. It is a fake app, which takes some
personal data of users via camera flash. The app has a harmful Trojan which obtains
your data like banking, text messages and takes photos of your face. The fraud
activities conducted without your permission.
The app is called Flashlight LED Widget. The user also uses
this app as a torch. The first news of this dangerous app came from a company
blog by Eset security researcher, Lukas Stefanko. He said that the app displays
a fraudulent screen which imitates original banking apps. It fools the users by
forcing them to provide real username and password. The flashlight app can also
hack text messages which will help in two-factor authentication.
Lukas Stefanko also added that it doesn’t matter which
Android version you are using. It can attack any version of Android devices. It
has been spreading worldwide very instantly. This app is of vibrant nature
hence no one can count the number of devices is affected by this app. The
malicious app receives the HTML code of the apps installed on user’s Android
device. After installation, the HTML code is used to cover the apps with fraud
display.
Previously, an Android app from Australian banks has been
mimicked by the malware. The malware was identified by the name
Trojan.Android/Charger.B. Stefanko further added that the malware has also
affected some mobile banking apps of Commbank, NAB, and Westpac Bank. It is not
limited to banks whereas the app has faked the screen of social media platform
of Facebook, WhatsApp, Instagram and Google Play.
The Flashlight LED Widget was listed on Google Play on March
30 this year. It was downloaded by approximately 5,000 Android devices. Soon on
April 10, Google removed it from the store. According to reports, there maybe
some android apps stealing data.
when the app obtains data of the smartphone being from
Russia, Ukraine or Belarus, a server blocks the malware from causing any future
damages. This step was taken to save undertaking of the criminals in the native
land. It takes a snap of the user’s smartphone via front camera, then sent to
its central server. The app can also withdraw money from the user’s bank
account. For stealing money, they lock the Android screen when a user is
withdrawing money via net banking. Then, the user observes a fake screen which
easily hides fraud activities from the user.
If you have installed the wicked app then doesn’t think it
is easy to uninstall. You have to reboot your device in the safe mode for
permanently deleting the app from your device. You can read the blog post of
Stefanko for getting the full tutorial. The blog has a full explanation of
removing the app from your device. You can also watch the video by ESET for
removing the malware permanently from your Android device.
