According to a report, a currency converter app, 'Easy Rates Converter', on the Google Play Store has been caught stealing banking credentials from Android devices. Security researcher Lukas Stefanko first identified the 'Easy Rates Converter' app as malicious.
Though it appears legitimate, the app installs a hidden Trojan and phishes users into entering the passwords for their internet banking accounts. The app had more than 500 downloads and has since been removed.
To make users think it was legitimate, the app worked just like any other converter, but it also downloaded a Trojan titled 'Update Flash Player' in the background. This malware then requested installation and device administration permissions to entrench itself on the device.
As demonstrated, after installation the Trojan sits quietly, waiting for the user to open a banking app. Once that happens, it springs into action and creates a copy of the legitimate app. The fake app overlays the real one and presents a very similar login page, asking the user for login credentials.
If entered, the details are sent to the phishers' servers. The fake app also prevents users from switching to the original app and stays on top.
To avoid such apps, users can follow some basic rules and install only verified apps with a much larger number of installs. They should also check the app's ratings and reviews before downloading.