Google’s foundations are shaking again with the entry of a dangerous virus in one of the apps that you and I may have downloaded from Google Play. Although the app store has all the protection measures and we even have Play Protect as a security measure on Android, a powerful malware has managed to bypass all the restrictions.
This does not usually happen, but to everyone’s surprise we find that the giant Google has made a mistake and has endangered all mobile phones . An attack that is directly aimed at banking data and that could scare users who only want to download an app to read a PDF document from their mobile phone.
An active threat
The VirusTotal website has been in charge of uncovering this threat, discovering after analyzing the size of several antivirus programs that the APK that offers access to the PDF application is modified with the intention of requesting the user to download a false update in the form of a complement. . This may seem strange to those who control the technology most, since the updates of the apps are made from Google Play, but many may have been delusional.
After installing the update that is apparently offered as a Flash Player extra, the software requests access to read the contacts, access the files and even view the passwords stored in the Google account. Then you just have to take all that information and use it against us. An app called PDF + that has more than 100,000 downloads and is ranked as one of the best in its sector, however it hides a big problem.
What should we do?
In the event that we do not have this app installed on our smartphone, we do not have to fear, however if we currently have it or had it installed, we have to take action. The first thing will be to get rid of it and for that we only have to follow this process:
- We enter Settings.
- We access the installed applications.
- We locate PDF +.
- We go into storage and clear data and cache.
- Then we uninstall it.
- We repeat the same process looking for the Adobe Flash plug-in and deleting it.
At least we will not have problems to end it from the mobile. But this may not be enough and we have to modify our access code from the banking app or in some cases call our bank to inform them of the problem. They can help us to modify the password and if necessary to corroborate the connections and movements in the account.