Specialists of the information security company Bitdefender warned that threat actors are distributing malware under the guise of popular Android applications from well-known companies. The fake VLC player, Kaspersky anti-virus, and fake FedEx and DHL applications install the Teabot or Flubot banking trojans on victims' devices first discovered earlier this year.

Teabot is capable of intercepting Google authentication codes, logging keyboard strokes, performing overlay attacks and, in some cases, seizing full control of the device. The Flubot trojan is a little simpler, but its functionality is sufficient to steal victims' banking, SMS and other types of private data. The malware also has the properties of a worm - it can spread automatically via SMS.

The fake apps discovered by the researchers are not listed on the Google Play Store and are only distributed via third-party stores.

Source: securitylab.ru