• Welcome to Free PC Help, a free PC Help forum to get help with your computer problems.

    Free PC Help is a community that offers free computer help and support for all users, all ages, worldwide.

    In order to start asking questions or contribute on someone else's post you will first need to register. Don't worry - it's quick and easy and once you have registered you will have instant access to the entire forum.

    If you do decide to join the forums you will not have the option to send Private Messages [ PMs ] or add a Signature until you have made 5 posts or more. This is an attempt to try to stop Spammers using the PM system or adding links to their Signature.

Cheat Tool for Android Games Delivers Dangerous Banking Trojan

  • Thread starter
  • Admin
  • #1


Admin & Security Team
Feb 19, 2010
Midlands, UK
PC Experience
Very Experienced
Security researchers from Russian firm Dr.Web have discovered a new banking trojan named Android.BankBot, which hides inside a game cheating tool for Android users.

Google didn't name its app store the "Play" Store for nothing because it knew very well that games would take up most of our time while on our devices, and they were right.

The Play Store currently harbors millions of games, from the most simple word puzzles to full-on sports simulators such as EA Madden Mobile.

Android.BankBot hides inside game cheating tool called HACK

As is with desktops, not all users are apt to play these games, and some will feel the need to cheat their way to a round's top score, or when playing against their friends.

The world of game cheating tools didn't stop with desktops, and there are plenty of such tools available for Android devices.
Dr.Web security researchers are now warning users not to fall victim to their pride and narcissism, and stay away from such tools.

The company is basing its advice on their recent discovery of a game cheating app for Android games simplistically called HACK.

HACK needs administrator rights to function

Crooks are distributing this app from third-party stores, and users who install it are immediately prompted to give it administrator rights.

Once it gets them, then you probably know what happens. HACK hides its icon from the home screen, fingerprints the infected device, and starts communicating with a central command server.

From there, crooks tell it to harvest login credentials for the user's banking apps and then instruct it to exfiltrate funds from the compromised account.

To go around two-factor authentication procedures, Android.BankBot can intercept and send USSD requests, SMS, and even reroute calls.

Android.BankBot is not as dangerous as Fanta SDK

Despite this, the app is not as dangerous as an Android banking trojan discovered by Trend Micro and called Fanta SDK, which, if it gets caught, locks the users device with a random PIN, in order to empty their bank account of all money.

Trend Micro said they found Fanta SDK on the same servers used to distribute other Android banking trojans such as ZBot.
Dr.Web also revealed that the same Web server that distributed the HACK app was spreading ZBot as well.

The third - party store distributing the malicious HACK app

Below is a screenshot of the malicious app's required privileges, and then the app requesting administrator rights from the user.

HACK's installation screens

Top Bottom