MUST KNOW

Google removes six ‘antivirus’ apps used to steal banking info with Sharkbot malware; Uninstall them now

Google has removed six apps infected with Sharkbot, the bank stealer malware, from its app store, reports said. The apps had been downloaded 15,000 times before their removal.

All six apps were designed to pose as antivirus solutions and to select targets using a geofencing feature. The apps stole users’ login credentials for websites and services. The infected applications were used to target users in Italy and the UK, the reports suggest.

Read More:-TCS, HCL, Infosys, Cognizant Work From Home to End? Know About IT Firms’ Future Working Model

Check Point Research said in a blog post that the six Android applications pretending to be antivirus apps on the Google Play store were marked as “droppers” for Sharkbot. The malware is an Android Stealer used to infect devices and steal login credentials and payment details. Once a dropper application is installed, it is used to download a malicious payload and infect a device — evading detection.

The Sharkbot malware used by the six apps also used a ‘geofencing’ feature to target victims in specific regions. According to the Check Point Research team, the Sharkbot malware has been designed to identify and ignore users from India, China, Romania, Ukraine, Russia, and Belarus. The malware is capable of detecting when it is being run in a sandbox and immediately shuts down to prevent analysis.

Read More:-Home Loan to Remain Cheaper: RBI Relaxes Loan-to-Value Rules till March-end Next Year

The six applications were identified from three developer accounts — Adelmio Pagnotto, Zbynek Adamcik, and Bingo Like Inc. The team cited statistics from AppBrain, which revealed the 15,000 downloads.

Four of these apps were discovered in February and reported to Google in March. The applications were removed on March 9, Check Point Research said. Two more dropper apps were discovered on March 15 and March 22 — both were removed on March 27.

Read More:-FY22 tax kitty up 34% at record Rs 27.1 lakh crore

Check Point Research said users could ensure safety from malware masquerading as software by installing applications only from verified publishers. Users can also report seemingly suspicious behaviour to Google.

Source :
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Most Popular

To Top