Cybersecurity experts have warned of a new malicious campaign targeting Android users through a fake antivirus application called TrustBastion.
According to analysts, the counterfeit app serves as a vehicle for distributing dangerous malware capable of stealing users’ personal and banking data, while also granting attackers remote control over infected devices.
اضافة اعلان
The campaign reportedly surfaced recently on Hugging Face, a platform known for sharing artificial intelligence models, making it harder for unsuspecting users to detect the threat.
Experts emphasized that the attack demonstrates how cybercriminals can exploit users’ trust in security tools themselves. Downloading apps from unverified sources and ignoring system warnings can turn smartphones into easy targets for data theft and unauthorized access.
How the Scam Works
At first glance, TrustBastion appears to be a legitimate security tool promising protection against viruses and malware. Such applications may seem credible to users who fail to verify the download source.
Once installed, the app displays a notification claiming that a system issue has been detected and prompts the user to install a “necessary update.” In reality, this update contains malicious code that is subsequently deployed onto the device.
What Happens Inside the Device?
After the malicious component is installed, the malware can secretly capture screenshots, display fake login pages for financial services to harvest credentials, and even record PIN codes or other passwords.
All collected information is then transmitted to servers controlled by hackers, enabling them to quickly access victims’ banking accounts and other online services.
Security analysts noted that attackers have repeatedly re-uploaded modified versions of the malicious app after earlier versions were removed. Although the appearance may change slightly, the harmful behavior remains the same, making the campaign difficult to fully eliminate.
How to Stay Protected
To safeguard against such threats, users are advised to download applications only from official stores such as Google Play, where apps undergo stricter security screening compared to third-party sources.
It is also important to review ratings and user feedback before installing any application. Malicious apps often have very few reviews or suspiciously inconsistent ratings.
Users should avoid downloading or manually installing APK files from untrusted sources, as these files bypass standard security checks and may contain harmful software.
For added protection, install reputable antivirus solutions and enable Google Play Protect on your device to scan apps and detect suspicious behavior.
— Agencies
