There are times when malware can be found even in official app stores, and this is something th at has happened on both Android and iOS on more than one occasion and can put in endangers user information. TeaBot is one of the malware that has been discovered
This is how TeaBot works
This is a Trojan discovered early last year which is not only intended to steal user credentials but also SMS messages to bypass two-step verification.
The malware achieves this, according to Cleafy in its report, by live streaming of screen content, In addition to access to accessibility services, a permission that the user is requested and that many people, out of ignorance, end up granting to this type of application.
The first thing it does when installed is ask you to update it, for which will take you to a GitHub repository where to download this update. This is the time when the malware enters your mobile.
Now, it has been discovered that this malware is expanding its scope and more and more searching for data from more applications, increasing their goals from 60 to over 400
To avoid these risks, some tips can help you, such as do not install apps from sources outside of Google Play o Don’t grant accessibility permissions to apps that don’t need them for their primary function. The latter is even more important, because as we have seen sometimes in the Play Store, there are malicious applications.