The new malware is stealing bank credentials across Europe

The Depot Trojan horse is widespread in Belgium and France, including Spain, Germany, Italy and the Netherlands.

Android users are once again the target of dangerous malware. Identified by cyber security researchers at Clean, Debot malware seeks to control its bank accounts and recover the bank information of its victims. To achieve this, the malware pretends to be an infected app and tries to fool its victims, thus installing it on their smartphone.

The Debot actually belonged to the genus of Trojan horses. Thus, the malware takes on the appearance of a normal application providing various services – the depot has changed its appearance over time. Once installed, the application will ask for false permissions that are supposed to be working properly. In fact, it very simply allows its editors to receive live feed from the screen of the device, but also allows it to communicate with the smartphone. This way, they can retrieve the bank information of their targets and the verification code sent by SMS. Additionally, once approved, the malware makes its icon invisible for running in the shadows.

The Trojan horse, which has been active since at least January, is currently targeting sixty banks across Europe. Many cyber attacks against Italian, Belgian and Dutch banks are actually the cause of the depot.

At first, the malware appeared as a video player called DTV. It changed its look and name to look like delivery services such as DHL, UPS, and Post. According to Cliffy researchers, the malware will run outside of Google Play. It is actually delivered through third-party utility stores, and its security measures are virtually non-existent. This is why it is recommended to download apps only through Google Play.

Note that Android users may not always be aware that they are downloading a fraudulent application outside of Google Play. SMS phishing campaigns can send their targets to sites dedicated to downloading uncertain applications. This is why you should always be wary of what is known as an SMS from Amazon, Tax or PPST.