The 10 Biggest Android Security Threats In 2018
A multitude of general malware banking trojans have been released into the wild and can be customized for the needs of a specific attack, according to Lookout's Kaza.
In the regular app stores, good controls have been built up to scan the applications and ensure they're abiding by the terms of service that define what they can and cannot do, according to Sophos' Cooke. But even though Google Play has thrown out 700,000 apps for violating various policies, Cooke said malware such as banking trojans still creeps into the apps and finds its way back into the store.
Attackers use techniques to evade detection methods in app stores such as installing the app, going to the command-and-control server, and downloading the malicious payload, Cooke said. But if the attacker doesn't even have to deal with evading the app store security, Cooke said they're able to obtain the same reward while undertaking considerably less effort.