Search

Newsletter image

Subscribe to the Newsletter

Join 10k+ people to get notified about new posts, news and tips.

Do not worry we don't spam!

GDPR Compliance

We use cookies to ensure you get the best experience on our website. By continuing to use our site, you accept our use of cookies, Privacy Policy, and Terms of Service.

Phone owners MUST check for ‘legit-looking’ apps that ‘quietly steal’ from your bank as sinister warning sign revealed

Published on April 07, 2025 at 02:07 PM

PHONE owners have been issued a stark warning over dangerous apps disguised as “legit” downloads.

They work as bank-emptying tools for hackers, silently pilfering your money and private info.

Smartphone displaying a calendar event and weather information.
The attack targets Android phone owners, tricking them into installing dodgy downloads

Worryingly, this type of attack is aimed at people using smartphones.

There are billions of phones running on ‘s Android software out in the world, so the warning shouldn't be ignored.

The attack works by tricking you into downloading seemingly safe that are actually designed to raid your phone for money and info, according to security giant McAfee.

“Instead of helping you, these apps secretly steal your private info,” explained McAfee's Brooke Seipel.

DODGY DOWNLOADS

The crooks are using a development tool called .NET MAUI to create “fake apps that look and feel like the real thing”, Brooke explains.

These apps might claim to be for banking, , or access to social media.

The tool itself is meant to be used to create legitimate apps, but McAfee says are exploiting it to trick innocent Android phone owners.

“The decision to build with .NET MAUI helps hide their dangerous code from most antivirus software,” Brooke warned.

“Think of it like a thief wearing an invisibility cloak—unless you’re really looking, you won’t see them.”

McAfee revealed how one fake download was posing as a real banking app called IndusInd Bank.

And it would appear to be a legitimate money-handling app, but would request very sensitive info.

That would include user names, phone numbers, email addresses, birthdays, tax identifiers, and even credit card info.

This data would then be shipped off to a server belonging to hackers who could use it to raid your finances.

To stay hidden, the apps play a clever trick to stay hidden, according to McAfee.

A hooded figure using a tablet to unlock a digital lock.
Criminals are tricking users into installing fake apps that silently steal your info – and even raid your bank

“Normal Android apps have code in a format security tools can scan,” Brooke explained.

“These fake apps hide their code in binary files so it can’t be easily detected.

“That lets them stay on your phone longer—stealing quietly in the background.”

Another scam app was a fake social media server that was aimed at Chinese-speaking Android phone owners.

This terrifyingly effective app would steal contacts, texts, and even photos from the phone.

And the data it was pilfering was encrypted so that the theft was harder to detect.

STAYING SAFE

The good news is that these apps aren't available on the regular Google Play Store.

That's where most Android phone owners would .

Instead, these apps are offered via download links shared by hackers. They could also be spread through genuine accounts that have been stolen by crooks. This is the major warning sign you need to watch out for: suspicious apps being offered outside of the Google Play Store.

Brooke said that hackers are using “fake websites, messaging apps, and sketchy links in texts or chat groups”.

“So if someone sends you a link to a cool new app that’s not from the Play Store – be extra careful,” Brooke urged Android phone owners.

Google has – as well as the – to help weed out from the Play Store.

Illustration of a person using Google Play to watch videos and shop.
McAfee recommends being extra careful if you're ever downloading any Android app from outside of the Google Play Store

But if you're downloading apps that are being shared over the internet directly, you're at much greater risk of downloading something dangerous.

McAfee said that red flags include links coming from strangers, or downloads that have strange app permissions (like wanting to read your texts).

Prev Article

US court bars Trump from removing Democrats from labour boards

Next Article

Wike, others planning extend Rivers six months emergency rule – Suspended Commissioner, Gbali

Related to this topic:

Comments (0):

Be the first to write a comment.

Post Comment

Your email address will not be published. Required fields are marked *