Skip to content

This Android Hack Could Mean Your Finances Aren't Safe, Experts Warn

A new security threat could be putting your bank account at risk.

Smartphones have become an indispensable tool we use to do so much more than make phone calls and send texts, especially in how we handle our money. The pocket-sized devices can now replace your credit card for payment at a cash register, buy and sell stocks with the push of a few buttons, and allow you to instantly send funds to a friend while splitting the check at dinner. But even though this easy access to your money is convenient, it also opens up a whole new world of vulnerabilities that criminals can exploit. And now, experts are warning Android users that a hack targeting their phones could be putting their finances at serious risk. Read on to see what could be jeopardizing your personal funds.

READ THIS NEXT: Security Experts Warn All Gmail and Facebook Users to Do This Now.

Google has recently given several warnings to Android users about security threats.

Holding an Android cellphone
ymgerman / Shutterstock

Over the past few months, Android users have been no strangers to warnings from Google and security experts about a string of new security threats targeting their devices. On June 14, antivirus company Dr. Web announced that it had discovered the popular PIP Pic Camera Photo Editor app on Google's Play Store contained potentially dangerous malware. Once downloaded, the program can steal the user's Facebook login credentials, which hackers can then use to commit identity fraud online, gain access to other accounts, and send scam messages to the victim's contacts, The Sun reported.

Other threats have also targeted users' funds. In April, financial cybersecurity firm ThreatFabric announced in a blog post that it had discovered a new version of an infamous piece of Android-targeting Trojan-style malware known as "Octo" that allows hackers to take over any devices that download it, giving them access to sensitive information and allowing them to commit fraud tied to bank accounts. And in May, cybersecurity firm Kaspersky announced that it had discovered three apps in the Google Play store that contain Trojan-style hacker software known as "Jocker." The program lures victims by pretending to be other popular apps, but once installed, the malware takes control of the device and signs the user up for costly subscriptions to other services. But now, experts are warning of another threat making the rounds.

Experts are warning Android users about a new security threat that targets their finances.

A woman using an Android smartphone while a male colleague watches over her shoulder

On June 15, cybersecurity firm F5 Labs announced it had discovered a new type of malware targeting Android users known as MaliBot. Experts warn that once the Trojan-style software is downloaded onto a device, it goes to work stealing the credentials and codes it needs to access banking accounts, cryptocurrency wallets, and other personal data. Thieves can then use the information to hijack accounts and steal funds, The Sun reports.

RELATED: For more up-to-date information, sign up for our daily newsletter.

The malware sneaks its way onto phones by disguising itself as other apps.

hacker at computer

According to the report from F5 Labs, the malware works its way onto devices by disguising itself as other popular apps, including a legitimate cryptocurrency mining app known as The CryptoApp, which has more than a million downloads on the Google Play Store, The Sun reports. They also warn MaliBot has been tied to bogus copycat versions of a cryptocurrency app called Mining X.

Once installed, experts from F5 warn that the malware can take over your device, granting it control to receive, send, and delete text messages that it uses to steal authentication codes needed to access financial accounts.

Here's how to avoid falling victim to the latest scam.


Fortunately, the experts from F5 say there are some easy ways to avoid falling victim to this latest cybersecurity threat. They recommend only downloading apps or software from trusted official sources such as the Google Play store. However, since security threats still slip through, it's best to always research developers and read reviews before installing a new program onto your device. If you begin to question the authenticity of a program, delete it immediately and change your passwords and security credentials on any of your sensitive accounts.

Cybersecurity experts from Kaspersky also recommended being wary of strange behavior from newly downloaded apps, especially how they request permission to features on your device. They caution to "only allow access to notifications for apps that need it to perform their intended purposes—for example, to transfer notifications to wearable devices. Apps for something like themed wallpapers or photo editing don't need access to your notifications."

READ THIS NEXT: If You Have an Android, You'll Be Barred From Doing This, Starting in August.

Zachary Mack
Zach is a freelance writer specializing in beer, wine, food, spirits, and travel. He is based in Manhattan. Read more
Filed Under
 •  •  •  •