What's the oldest trick in the book to get people to do something they might not otherwise do? Pretend to be someone you are not. That's exactly what the Antidot banking trojan is doing. To lure Android users into downloading it, it's masquerading as a Google Play update application.
If you tap on the button, you are taken to the Accessibility settings. Like many other banking trojans, Antidot depends on the Accessibility service to perform its intended activities. After permissions are granted, an ID is generated for your device. The trojan places a fake window on top of legitimate financial apps, which is what we call an overlay attack, to siphon off your credentials. This information can be used to gain access to your bank account or cryptocurrency apps.
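Because the Accessibility permission is the step everything else depends on, a useful check is to list which apps currently hold it. The script below is an added example, not part of the original article: it parses the value of Android's `enabled_accessibility_services` secure setting (readable with `adb shell settings get secure enabled_accessibility_services`) and reports every service whose package is not on an allowlist. The allowlist and the sample value are constructed for illustration.

```python
# Added example: audit which accessibility services are enabled on a device.
# ALLOWED_PACKAGES and SAMPLE are constructed; adapt the allowlist to the
# accessibility tools you actually use.

ALLOWED_PACKAGES = {
    "com.google.android.marvin.talkback",  # TalkBack screen reader
}

def parse_services(raw):
    """Split the colon-separated setting into (package, service class) pairs."""
    raw = (raw or "").strip()
    if raw in ("", "null"):          # the setting reads "null" when nothing is enabled
        return []
    services = []
    for entry in raw.split(":"):
        entry = entry.strip()
        if not entry:
            continue
        package, sep, cls = entry.partition("/")
        if sep and cls.startswith("."):
            cls = package + cls      # expand the short ".Service" form
        services.append((package, cls))
    return services

def unexpected_services(raw, allowed=ALLOWED_PACKAGES):
    """Return enabled accessibility services whose package is not allowlisted."""
    return [(pkg, cls) for pkg, cls in parse_services(raw) if pkg not in allowed]

# Constructed sample: one known screen reader plus one unknown "update" app.
SAMPLE = (
    "com.google.android.marvin.talkback/"
    "com.google.android.marvin.talkback.TalkBackService:"
    "com.example.update/.UpdateService"
)

if __name__ == "__main__":
    for pkg, cls in unexpected_services(SAMPLE):
        print(f"review: {pkg} has accessibility service {cls} enabled")
```

Anything the script reports is a candidate for review in Settings, not proof of infection.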