Beware of this fake Play Store: there is also Immuni but it is not the real one (and it steals your money)

Source: HW Upgrade added 25th Nov 2020

  • beware-of-this-fake-play-store:-there-is-also-immuni-but-it-is-not-the-real-one-(and-it-steals-your-money)

A new Android malware tries to exploit the name of the Immuni app to embarrass users. And it is not the only replicated application since there are also those of eBay, Paypal, Credem, Amazon, Intesa San Paolo. Here’s how it works.

by Bruno Mucciarelli published , at 11: 47 in the Telephony channel

Android

The Computer Emergency Response Team (CERT) dell ?? AGID , The Agency for Digital Italy which reports to the Presidency of the Council of Ministers, has discovered a site that graphically does nothing but exactly replicate the Google Play Store . The bad thing, however, is that the site not only replicates the graphics but also allows you to download applications that are completely infected . Moreover, the problem is that among them there is also the famous app Immuni , for the tracking of positive contacts from COVID, which is completely false and created ad hoc to spread a malware .

Immune and not only: here are all the apps on the fake Play Store

The bogus Play Store site was discovered by the Italian cyber security company D3Lab and fortunately the discovery only took place 10 days after the bogus Play Store went online. The replica of the app store is completely Italian and the applications that have been put in place on the fake virtual shop are apps concerning bank services and not only but all of our territory. The malware carried by these applications has not yet been analyzed, but according to the CERT it comes from a derivative of Anubis which we know well turns out to be one of the most used malware in Android.

But what are the “ bogus ” applications that the Play Store is equally false? In this case we start from the most important at this moment, namely Immune. The application of contact tracing to be able to fight against COVID spread – 19 is has been completely replicated and users could stumble upon the bogus site and download the one that is not absolutely immune but that allows the bad guys to empty their wallet.

Not only because there are also other dangerous applications replicated. Let’s talk about Amazon Shopping , Credem , Inbank , Intesa Sanpaolo , InBank , eBay , PayPal . All applications that users easily download as soon as they pick up a smartphone and which therefore can somehow impact the ” bad ” work of hackers. And in detail, Anubis can read and steal the data present in a smartphone but also track everything the user types on the smartphone, or even encrypt all the data and then ask for a ransom. IS?? therefore an extremely dangerous malware and the immediate solution is to always and only proceed with the installation of applications from the Play Store that already installed on the smartphone as soon as it leaves the factory. The rest is better left alone.