SharkBot Malware: Dangerous SharkBot malware is back on the Google Play Store in the form of fake antivirus apps and cleaner apps. Malware is allegedly stealing banking data of users. These dangerous apps include Mr. Phone Cleaner and Kilhavi Mobile Security and the bad news is that these apps already have over 60,000 installations. According to Fox-IT of NCC Group, the malware is designed to target users in Spain, Australia, Poland, Germany, the US and Austria. He said that these apps also do not require accessibility permissions to automatically perform the installation of the Dropper Sharkbot malware, instead, they ask the victim to install the malware in the form of fake updates for antivirus apps.
Fox-IT’s Alberto Segura said: “This new version asks the victim to install malware as a fake update to stay safe from antivirus threats. Two SharkbotDopper apps have been found active in the Google Play Store, of which Each has 10K and 50K installs. The malware can allegedly steal logging keystrokes, intercept SMS messages and perform fraudulent fund transfers using Automated Transfer Systems (ATS). Fox-IT’s Threat Intelligence The team detected a new Sharkbot sample with version 2.25 on August 22, 2022.
The new Sharkbot version has a new feature that steals session cookies from victims who log into their bank accounts. Although Google has banned these apps, anyone who has already downloaded them will have to remove them immediately. Also, check your bank account for any strange transactions.
What is SharkBot Malware?
Sharkbot is a banking Trojan that was first discovered in 2018. The malicious app was targeting crypto apps, with a specific focus on exchanges and trading services. The malware is capable of stealing the victim’s login information, allowing hackers to use their account for malicious activities. Sharkbot has since evolved and is using advanced technologies to make it more dangerous than ever.