Watch out, Android fans – this banking malware threat is masquerading as a Google Play update

News
By published

Not the update you were looking for

Trojan
(Image credit: Iaremenko Sergii / Shutterstock)

It’s good mobile security practice to keep your devices regularly updated, but a new piece of Android malware suggests doing that could in fact lead to disaster. That’s because hackers have launched a devious new trojan that masquerades as an official Google Play update.

First discovered by cybersecurity company Cyble (via Tom’s Guide), the malware has the power to completely take over your phone. Dubbed Antidot, it can harvest your text messages, log which keys you press, and control things like your camera and screen lock. That means it’s an incredibly powerful weapon in the wrong hands, with the ability to track your passwords and banking logins and thereby gain access to a tremendous trove of personal data.

It’s thought that you’ll first encounter Antidot through phishing messages that claim to be from Google and tell you to update Google Play. If you follow the link in the message, you’re led to a convincing-looking website that offers up a malicious download package, which in turn installs Antidot. As you might have realized, this means the download needs to be sideloaded rather than coming from the legitimate Google Play Store itself, which should immediately ring alarm bells.

Cyble’s researchers noticed that Antidot can display pages in several different languages, suggesting that it can quickly be tailored for victims in different regions. That implies a level of sophistication beyond that possessed by simple amateur hackers.

How to stay safe

a smartphone with the google play logo on it

(Image credit: Shutterstock / rafapress)

This hacking campaign serves to highlight the risks of installing anything from a suspicious location. The Google Play app can be updated from within the app itself, so Google would never recommend you install an update from a web page or other location – even if the page is carefully designed to look like the company’s official website.

For simplicity, you can enable automatic app updates on Android by opening the Google Play Store app, tapping your profile icon in the top-right corner, then selecting Settings > Network preferences > Auto-update apps. Now choose to either update over Wi-Fi or any network. This should ensure everything is kept up to date, rendering suspicious update texts and emails completely moot.

It would also be a good idea to install one of the best Android antivirus apps on your device. It only takes one slip-up for a bad actor to trick you, but an antivirus app can act as another line of defense to stop malware in its tracks. There’s also Google Play Protect, which scans apps downloaded from outside the Play Store.

Throw in a healthy dose of common sense and you should be able to steer clear of trojans like Antidot and keep your Android device safe from harm.

You might also like

See more News about Phones
Alex Blake
Alex Blake
Freelance Contributor

Alex Blake has been fooling around with computers since the early 1990s, and since that time he's learned a thing or two about tech. No more than two things, though. That's all his brain can hold. As well as TechRadar, Alex writes for iMore, Digital Trends and Creative Bloq, among others. He was previously commissioning editor at MacFormat magazine. That means he mostly covers the world of Apple and its latest products, but also Windows, computer peripherals, mobile apps, and much more beyond. When not writing, you can find him hiking the English countryside and gaming on his PC.

Read more
A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.
App stores are increasingly becoming a major security worry
An Android phone being held in the hand
These malicious Android apps were installed over 60 million times - here's how to stay safe
Malware worm
Coordinated global mobile malware campaign targets banking apps and cryptocurrency platforms
In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
Android phone malware
This nasty Android malware is posing as the Telegram Premium app
mobile phone
Popular Android financial help app is actually dangerous malware
Latest in Phones
Product shots for the Xiaomi Poco X7 Ultra review
I spent a month testing the Xiaomi Poco F7 Ultra, a top-end mid-ranger that masquerades as a flagship
iPhone 13 mini
The iPhone mini won't be returning, according to rumors – and you think that's a mistake
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
All three rumored Samsung Galaxy S25 Edge colors shown off in ‘official’ images
Anker Zolor Power Bank 10,000mah
My favorite portable charger goes everywhere with me, and it's under $13 at Amazon right now
Apple iPhone 16 Pro Max Hands on
I'm actually glad the new Siri with Apple Intelligence is delayed, and here's why we've got Apple's AI problem backwards
The iPhone 16 Pro on a grey background
iPhone 17 Pro tipped to get 8K video recording – but I want these 3 video features instead
Latest in News
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Toni Collette in Hereditary
Everything leaving Netflix in April 2025 – from the scariest movie ever made to a beloved DreamWorks animation with 99% on Rotten Tomatoes
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Close up of Leica M11-P viewfinder
I wince at the prospect of the rumored Leica M11-V – here's why
More about phones
iPhone 13 mini

The iPhone mini won't be returning, according to rumors – and you think that's a mistake
Product shots for the Xiaomi Poco X7 Ultra review

I spent a month testing the Xiaomi Poco F7 Ultra, a top-end mid-ranger that masquerades as a flagship
Toni Collette in Hereditary

Everything leaving Netflix in April 2025 – from the scariest movie ever made to a beloved DreamWorks animation with 99% on Rotten Tomatoes
See more latest
Most Popular
Toni Collette in Hereditary
Everything leaving Netflix in April 2025 – from the scariest movie ever made to a beloved DreamWorks animation with 99% on Rotten Tomatoes
Close up of Leica M11-P viewfinder
I wince at the prospect of the rumored Leica M11-V – here's why
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
HP ZBook Ultra G1a
HP's ridiculously fast Ryzen AI Max+ Pro 395 laptop with 128GB RAM goes on sale everywhere in the US, but it won't be cheap
A mobile phone showing the Signal logo in front of a screen showing the app
Signalgate explained: what is Signal, and how secure is the messaging app?
Asus Ascent GX10 Rear
Asus's more affordable version of Nvidia's uber-popular Project Digits snapped at GTC 2025
iPhone 13 mini
The iPhone mini won't be returning, according to rumors – and you think that's a mistake
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools