Advertisement
Advertisement
Advertisement
Advertisement
SharkBot reappeared in form of fake antivirus apps

SharkBot reappeared in form of fake antivirus apps

SharkBot reappeared in form of fake antivirus apps

SharkBot reappeared in form of fake antivirus apps

Advertisement
  • The notorious SharkBot banking malware has resurfaced on the Google Play Store by disguising itself as a false antivirus and cleaning app.
  • The apps at issue, which include Mister Phone Cleaner and Kylhavy Mobile Security, have over 60,000 installations combined.

According to the most recent reports, the notorious Android banking malware SharkBot has resurfaced on the Google Play Store by disguising itself as a false antivirus and cleaning app.

Advertisement

In a report, Fox-IT of NCC Group said:

“This new dropper doesn’t rely on accessibility permissions to automatically perform the installation of the dropper Sharkbot malware. Instead, this new version asks the victim to install the malware as a fake update for the antivirus to stay protected against threats.”

The bad news is that the apps at issue, which include Mister Phone Cleaner and Kylhavy Mobile Security, have over 60,000 installations combined.

Furthermore, they are intended for users in Spain, Australia, Poland, Germany, the United States, and Austria.

    Advertisement
  • Mister Phone Cleaner (more than 50,000 downloads)
  • Kylhavy Mobile Security (more than 10,000 downloads)

According to the claims, the droppers are supposed to deliver a new version of SharkBot called V2 by Dutch security firm ThreatFabric.

They have a refactored codebase, an updated command-and-control (C2) communication system, and a domain generation algorithm (DGA).

Other notable information-theft capabilities worth mentioning are:

Advertisement
  • injecting bogus overlays to obtain bank account credentials.
  • logging keystrokes
  • Intercepting SMS messages and committing fraud via the Automated Transfer System (ATS)
  • Advertisement

Alberto Segura and Mike Stokkel, researchers, stated:

“Until now, SharkBot’s developers seem to have been focusing on the dropper in order to keep using the Google Play Store to distribute their malware in the latest campaigns.”

Also Read

TikTok denies that hackers leaked users sensitive data
TikTok denies that hackers leaked users sensitive data

A hacker has posted on a hacking site that claims to have...

Advertisement
Advertisement
Read More News On

Catch all the Sci-Tech News, Breaking News Event and Latest News Updates on The BOL News


Download The BOL News App to get the Daily News Update & Follow us on Google News.


End of Article
Advertisement
In The Spotlight Popular from Pakistan Entertainment
Advertisement

Next Story