Don’t Click Here – New Android Threat Deletes Everything From Your Phone

There has been no shortage of reports of new threats to Android in recent weeks, so it’s no surprise that Google is removing thousands of apps from its Play Store and adding a live threat detection feature to phones with the release of Android 15.

But here’s an unpleasant twist – the new threat making headlines goes beyond stealing financial, credential and personal data. After the attack, phones are wiped, leaving no trace and complicating the investigation into the sudden emptying of bank accounts.

A new RAT (remote access attack) Trojan for Android has been discovered by security firm Cleafy, which has dubbed it “BingoMod” and warned that it can “bypass banking countermeasures used to enforce identity verification and user authentication, combined with behavioral detection techniques used by banks to identify suspicious money transfers.”

ForbesSamsung Improves Millions of Galaxy Phones – Click Here to See New iPhone That Beats SecurityBy Zak Doffman

BingoMod attacks victims via SMS and presents itself as a security app, tricking users into installing the software directly. The campaign mimics the names of legitimate Play Store security tools to trick users into doing cursory checks. It is obvious, however, that if the app is on the Play Store and is reasonably well-known, you should only install it from there.

Worse still, since BingoMod poses as an antivirus app, it seems likely that it requests access to the phone’s Accessibility Services to scan for threats. In reality, it “silently steals sensitive information, including credentials, SMS messages, and current account balances… After a successful fraudulent transfer, the infected device is typically wiped, removing all traces, to complicate forensic investigations.”

BingoMod is not currently available in the Play Store, so it does not meet its security standards. This is timely. We are currently seeing a lot of resistance to sideloading apps in this way, and this week we also saw another report on the terrifying scale of SMS campaigns to spread malware in the Android ecosystem.

If I’m being brutally honest, the details of this particular RAT’s operational concept, its cunning setup to avoid detection, and even its use of on-device trickery to pose as a trusted entity and bypass banking security measures blend in with the general hype surrounding Android, especially when it comes to sideloading.

ForbesGoogle Warns 3 Billion Chrome Users – No Updates for New “Nightmare” TrackingBy Zak Doffman

Yes, BingoMod’s creators have employed smart techniques to prevent legitimate AV tools from finding and keeping it on your device. But the harsh reality is that if you follow the golden safety rules given below, you won’t fall victim to this threat or any of the countless other RATs that will appear later:

1. Use official app stores – do not use third-party stores and never change your device’s security settings to allow apps to load
2. Check the developer in the app description – is it someone you would want in your life? And check the reviews, do they seem real or fake? Avoid mindlessly installing trivial apps you don’t need.
3. Don’t give an app permissions it shouldn’t need: Flashlights and stargazing apps don’t need access to your contacts and phone. And never give accessibility permissions that make it easier to control your device unless you need them.
4. Never whenever click on links in emails or text messages that download apps or updates directly – always use app stores to install and download updates.
5. Check if Google Play Protect is enabled on your device.

Google says Play Protect will protect phones against this new malware, but more importantly, it will introduce live threat detection for phones with the Android 15 update later in the year. This will monitor the behavior of apps on the device, including access to high-risk permissions, including accessibility services.

It’s obvious we can’t do this fast enough.