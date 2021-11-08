The VirusTotal website has been in charge of uncovering this threat, discovering after analyzing the size of several antivirus that the APK that offers access to the PDF application is modified with the intention of requesting the user to download a false update in the form of an add-on . This may seem strange to those who control the technology most, since the updates of the apps are made from Google Play, but many may have been deluded.

This does not usually happen, but to everyone’s surprise we find that the giant Google has made a mistake and has endangered all mobiles . An attack that is directly aimed at banking data and that could scare users who only want to download an app to read a PDF document from their mobile phone.

After installing the update that is apparently offered as a Flash Player extra, the software requests access to read the contacts, access the files and even view the passwords stored in the Google account. Then you just have to take all that information and use it against us. An app called PDF + which has more than 100,000 downloads and is ranked as one of the best in its sector, however it hides a big problem.

What should we do?

In the event that we do not have this app installed on our smartphone, we do not have to fear, however if we currently have it or had it installed, we have to take action. The first thing will be to get rid of it and for that we only have to follow this process:

We enter Settings. We access the installed applications. We locate PDF +. We enter storage and clear data and cache. Then we uninstall it. We repeat the same process looking for the Adobe Flash plug-in and deleting it.

At least we will not have problems to end it from the mobile. But this may not be enough and we have to modify our access code from the banking app or in some cases call our bank to inform them of the problem. They can help us to modify the password and if necessary to corroborate the connections and movements in the account.