You must beware! 6 Creepy Android Apps Spreading Sharkbot Malware on Google Play Store; control List
Check Point Research found 6 Android apps spreading banking malware. You can check the name of these apps here.
Whether you are an iPhone or Android smartphone user, you usually install the apps you want from Apple App Store or Google Play Store as the case may be. However, this is where hackers target innocent users. Because if you are not careful before installing an application on your smartphone, you risk getting scammed. The reason is that there are some apps on these two stores which contain malware. Once these apps are downloaded, they can also steal your private information including banking information like passwords. Today, market research firm Check Point Research discovered six Android apps on the Google Play Store that spread banking malware by posing as antivirus apps. The list of six apps that spread banking malware includes, Atom Clean-Booster, Antivirus; antivirus, super cleaner; Alpha Antivirus, Cleaner; Powerful cleaner, antivirus; and two versions of the Center Security – Antivirus application.
“When looking for antivirus (AV) solutions to protect your mobile devices, you don’t expect these solutions to do the opposite, i.e. make the devices vulnerable to malware. That’s what “Check Point Research (CPR) team encountered during analysis suspicious apps found on Google Play. These apps pretended to be genuine AV solutions when in reality they downloaded and installed an Android thief called Sharkbot,” says The report.
According to the information provided, the “Sharkbot” malware steals credentials and banking information from Android users. It tricks victims into entering their credentials in windows that mimic benign credential entry forms. When the user enters credentials in these windows, the compromised data is sent. to a malicious server.
“Sharkbot has a handful of tricks up its sleeve. It doesn’t target every potential victim it encounters, just some of them, using geofencing to identify and ignore users from China, India, Romania, Russia, Ukraine or Belarus are also part of Sharkbot’s arsenal, and if the malware detects that it is running in a sandbox, it stops running and closes .according to research.
The report further stated that these six apps were from three developer accounts, Zbynek Adamcik, Adelmio Pagnotto, and Bingo Like Inc. When their history was checked, two of them were found to be active in fall 2021 Some of the apps linked to these accounts have been removed from Google Play, but still exist in unofficial marketplaces. The reason behind this could be because the developers want to stay under the radar, the research firm said.