PHONE owners have been issued a stark warning over dangerous apps disguised as “legit” downloads.
They work as bank-emptying tools for hackers, silently pilfering your money and private info.
Worryingly, this type of attack is aimed at people using smartphones.
There are billions of phones running on ‘s Android software out in the world, so the warning shouldn't be ignored.
The attack works by tricking you into downloading seemingly safe that are actually designed to raid your phone for money and info, according to security giant McAfee.
“Instead of helping you, these apps secretly steal your private info,” explained McAfee's Brooke Seipel.
DODGY DOWNLOADS
The crooks are using a development tool called .NET MAUI to create “fake apps that look and feel like the real thing”, Brooke explains.
These apps might claim to be for banking, , or access to social media.
The tool itself is meant to be used to create legitimate apps, but McAfee says are exploiting it to trick innocent Android phone owners.
“The decision to build with .NET MAUI helps hide their dangerous code from most antivirus software,” Brooke warned.
“Think of it like a thief wearing an invisibility cloak—unless you’re really looking, you won’t see them.”
McAfee revealed how one fake download was posing as a real banking app called IndusInd Bank.
And it would appear to be a legitimate money-handling app, but would request very sensitive info.
That would include user names, phone numbers, email addresses, birthdays, tax identifiers, and even credit card info.
This data would then be shipped off to a server belonging to hackers who could use it to raid your finances.
To stay hidden, the apps play a clever trick to stay hidden, according to McAfee.
“Normal Android apps have code in a format security tools can scan,” Brooke explained.
“These fake apps hide their code in binary files so it can’t be easily detected.
“That lets them stay on your phone longer—stealing quietly in the background.”
Another scam app was a fake social media server that was aimed at Chinese-speaking Android phone owners.
This terrifyingly effective app would steal contacts, texts, and even photos from the phone.
And the data it was pilfering was encrypted so that the theft was harder to detect.
STAYING SAFE
The good news is that these apps aren't available on the regular Google Play Store.
That's where most Android phone owners would .
Instead, these apps are offered via download links shared by hackers. They could also be spread through genuine accounts that have been stolen by crooks. This is the major warning sign you need to watch out for: suspicious apps being offered outside of the Google Play Store.
Brooke said that hackers are using “fake websites, messaging apps, and sketchy links in texts or chat groups”.
“So if someone sends you a link to a cool new app that’s not from the Play Store – be extra careful,” Brooke urged Android phone owners.
Google has – as well as the – to help weed out from the Play Store.
But if you're downloading apps that are being shared over the internet directly, you're at much greater risk of downloading something dangerous.
McAfee said that red flags include links coming from strangers, or downloads that have strange app permissions (like wanting to read your texts).
