Early Prime Day Deals Roe v. Wade Overturned Surface Laptop Go 2 Review 4th of July Sales M2 MacBook Pro Deals Healthy Meal Delivery Best TVs for Every Budget Noise-Canceling Earbuds Dip to $100

Apps in Google Play store that stole banking logins were downloaded 300,000 times, report says

Banking login theft hit users through a batch of nasty apps in the Play store. Google says the apps have been yanked.

huawei-google-play
Juan Garzon/CNET

A batch of seemingly harmless apps in the Google Play store that were actually malware in disguise and were used to steal people's bank account logins have been removed from Play, Google confirmed Tuesday. The researchers who discovered the bogus programs said they'd been downloaded by Android users around the world more than 300,000 times, according to an Ars Technica report on the 12 apps.

Mobile security researchers at ThreatFabric found malware designed to steal people's online banking passwords and two-factor authentication codes. They said the malware also logged keystrokes and even took screenshots through people's phones.  

Though the tainted apps used a few different methods of deception, the researchers said many of the apps bypassed Google's new security restrictions by first offering people a seemingly legitimate app that initially tested negative for malware. The apps even functioned just as advertised when users first downloaded them. 

Once the apps were installed, though, they prompted people to update them. That's when the malware was installed in the form of a Trojan horse, a type of malware characterized by its initially harmless appearance.