SharkBot is a new and deadly piece of malware. It is a banking Trojan discovered by Cliffy researchers. It exists to transfer funds from any compromised user, steal credentials and financial information, and circumvent multi-factor authentication. According to a new study, this deadly virus was distributed through six Android security applications, all of which are available in the official Google Play store.
SharkBot mocks Android antivirus software users
According to Bleeping Computer, NCC Group security professionals were the first to identify a phony antivirus software in the official Google Play store in March that spread the Sharkbot Trojan. Google deleted ‘Antivirus, Super Cleaner’ shortly after the NCC group’s complaint was released. At least six such malicious programs were uncovered by Check Point researchers, all of which turned out to be legitimate antivirus solutions for Android customers.
Identifying Android antivirus app imposters
‘Atom Clean-Booster, Antivirus,’ ‘Alpha Antivirus, Cleaner,’ ‘Powerful Cleaner, Antivirus,’ and two labeled ‘Center Security – Antivirus’ were also on the list for identifying Android antivirus program imposters. If you were one of the hundreds of people who downloaded any of these applications and still have them on your Android smartphones, you should uninstall them and check your bank records for any strange activity. It is also strongly advised that you update your banking passwords.
It is quite hazardous
“It is quite dangerous. We may deduce that the threat actor’s malware dissemination approach was successful based on the number of installs. The threat actor chose a Google Play site where users trust programs with care.” Alexander Chailytko, Check Point Software’s cybersecurity, research, and innovation manager, remarked.
What does Google think of the SharkBot apps?
When I inquired how these applications managed to avoid detection and make it into the Google Play store, a Google spokeswoman said, “We appreciate the research community’s efforts, and when we identify apps that violate our regulations, we take action.” Google confirmed that all of the applications above had been deleted.