Advertisement
Open App
  • News
  • Sci-Tech
  • SharkBot reappeared in form of fake antivirus apps

SharkBot reappeared in form of fake antivirus apps

  •
    Web Desk

    06th Sep, 2022. 12:27 pm

  • Share

SharkBot antivirus

SharkBot reappeared in form of fake antivirus apps

Advertisement
  • The notorious SharkBot banking malware has resurfaced on the Google Play Store by disguising itself as a false antivirus and cleaning app.
  • The apps at issue, which include Mister Phone Cleaner and Kylhavy Mobile Security, have over 60,000 installations combined.

According to the most recent reports, the notorious Android banking malware SharkBot has resurfaced on the Google Play Store by disguising itself as a false antivirus and cleaning app.

Advertisement

In a report, Fox-IT of NCC Group said:

“This new dropper doesn’t rely on accessibility permissions to automatically perform the installation of the dropper Sharkbot malware. Instead, this new version asks the victim to install the malware as a fake update for the antivirus to stay protected against threats.”

The bad news is that the apps at issue, which include Mister Phone Cleaner and Kylhavy Mobile Security, have over 60,000 installations combined.

Furthermore, they are intended for users in Spain, Australia, Poland, Germany, the United States, and Austria.

    Advertisement
  • Mister Phone Cleaner (more than 50,000 downloads)
  • Kylhavy Mobile Security (more than 10,000 downloads)

According to the claims, the droppers are supposed to deliver a new version of SharkBot called V2 by Dutch security firm ThreatFabric.

They have a refactored codebase, an updated command-and-control (C2) communication system, and a domain generation algorithm (DGA).

Other notable information-theft capabilities worth mentioning are:

Advertisement
  • injecting bogus overlays to obtain bank account credentials.
  • logging keystrokes
  • Intercepting SMS messages and committing fraud via the Automated Transfer System (ATS)
    • Advertisement

Alberto Segura and Mike Stokkel, researchers, stated:

“Until now, SharkBot’s developers seem to have been focusing on the dropper in order to keep using the Google Play Store to distribute their malware in the latest campaigns.”

Also Read

TikTok denies that hackers leaked users sensitive data

A hacker has posted on a hacking site that claims to have...

Advertisement
Read More News On

Catch all the Business News, Breaking News Event and Latest News Updates on The BOL News


Download The BOL News App to get the Daily News Update & Live News.


Advertisement
End of Story
BOL Stories of the day
PTA unveils satellite license to boost internet access
TECNO introduces latest Spark 40 in Pakistan
Partial solar eclipse to grace skies on September 21, 2025 — Here's How to Watch Safely
Grit to Gigabytes, from Great to Beta Generation
FDA clears Apple watch to detect hypertension, a first for wearables
Nano Banana craze: Google’s Gemini AI figurines makes buzz on social media

IN THE SPOTLIGHT

CORONAVIRUS OUTBREAK

TOP STORIES RIGHT NOW
MORE LATEST NEWS
Advertisement
Next Article
Exit mobile version