Once more available to attacking customers in the Play Store, the SharkBot trojan is now concealed in two phony Android antivirus apps. The apps are designed to protect your smartphone, but after installation, your banking information will be taken.

Security experts discovered the SharkBotDropper trojan in April in a number of antivirus programs available on the Google Play Store, including Antivirus and Super Cleaner. Two new Android antivirus apps, according to a recent investigation by Fox-IT , may, however, be infested with the SharkBot trojan.

According to the research, the most recent apps that contain the SharkBot virus are Mister Phone Cleaner with 50,000 downloads and Kylhavy Mobile Security with 10,000 downloads. This Android virus is made to steal login information for online banks. SharkBot’s new method of attack does not require the device’s accessibility permissions.

Advertisement Additionally, Sharkbot is picky about who it attacks. According to a research by Check Point Research , Sharkbot exclusively targets a subset of the possible victims it encounters, identifying and ignoring individuals from China, India, Romania, Russia, Ukraine, and Belarus utilizing the geofencing feature.

The SHARKBOT Trojan employs a number of techniques to steal bank credentials. SharkBot malware uses a variety of techniques to steal online banking credentials. When the user first launches the banking app, it can display a bogus login page. Hackers are in control of this page, which is nearly identical to the genuine banking page.

The second technique involves recording key presses and sending them to an outside server. Additionally, the malware has the ability to react to text messages and disseminate itself using text-based shareable links. The SharkBot virus can also open a doorway for hackers to enter the system and prefill transaction forms in the banking app.

Advertisement If you have Mister Phone Cleaner and Kylhavy Mobile Security installed, you should remove them as soon as possible. Once the threat has been fully eliminated, you should discontinue utilizing financial apps. The following action you may do is to only download reputable and trustworthy antivirus software. Avoid using infamous and obscure apps.

SHARE
TWEET

You may also like