Researchers at Cleafy discovered the Mobdro Pro IP TV + VPN app is a malicious Android app distributing the Klopatra banking Trojan, a new remote access tool not linked to known malware families. Klopatra infects victims through a social engineering chain that bypasses Android defenses and grants attackers full control of the device to steal banking information and perform fraudulent transactions.
The app disguises itself as a free IPTV streaming service, exploiting users’ familiarity with sideloading pirated content from unofficial sites. This highlights a significant security concern where malware exploits legitimate app concepts to deceive users. Beyond fake apps, even legitimate VPN apps on official stores can pose privacy risks, as revealed by the VPN Transparency Report 2025, which flagged popular apps for questionable ownership and use of insecure technologies like the Shadowsocks protocol.
Users are encouraged to exercise caution by downloading apps exclusively from official or trusted sources, carefully reviewing app permissions, and installing up-to-date anti-malware software. If compromised, users should remove suspicious apps, conduct security scans, and reset banking credentials. This incident underscores the ongoing risks in the Android ecosystem where fraudulent and poorly vetted VPN and streaming apps threaten user privacy and security.
👉 Pročitaj original: Malware Bytes
