“SharkBot” is a new family of viruses that threaten Android via Trojans and has already been detected in at least four apps on Google Play.
A group of cybersecurity researchers from NCCGroup discovered a A new family of threats targeting Android users in the form of trojans.
his name is “SharkBot”So far, at least it has already been discovered Four applications are available in the Google Play Store that accumulate Tens of thousands of downloadsThat’s when this article was published It hasn’t been removed from the store yet.
Applications on Android phone.
This is how SharkBot works, the Trojan that can steal your banking data
SharkBot is a “new” generation of malware discovered by the NCC and other research groups focused on cybersecurity. On this day, Google has already been warned of its presence on Google Play, and it’s only a matter of time before the company decides to act on it.
The malware was discovered in October 2021 and has since reappeared in new apps discovered in the Play Store. According to researchers, it is malware It has nothing to do with other popular threats like Flubot or Cerberus.
When it comes to the attack, it uses an advanced technology that other Android-targeting Trojans don’t usually use: SharkBot’s main goal is to divert money from vulnerable devices through automated redirection systems. To do this, you must have the necessary permissions to be able to Autofill text fields Banking applications and start money transfers.
The ATS function – Automatic Transfer Systems – allows the malware to receive a list of events to simulate, and they will be simulated to make money transfers. Since this feature can be used to simulate pushes/clicks and button presses, it can be used not only to transfer money automatically, but also to install apps or other malicious components.
In addition to infecting the victim’s device that decides to download the app from Google Play, SharkBot also has the ability to use Auto reply feature from android to Automatically reply to any notificationDistribute the malware download link in an effort to spread as much as possible.
The Four apps detected with malware inside They present themselves as applications Antivirus & Digital Garbage Cleaners. Most famous, it was called “Powerful Cleaner, Antivirus” It has been downloaded more than 50,000 times from the store. The full list of applications is available below:
also can be verified, Apps seem identical to each other, and even the same promotional screenshots are used. Researchers claim that Even the code looks like “copy and paste”. Needless to say, if you have any of these apps installed on your device, it is very important for you Delete it as soon as possible.
Related topics: apps
Subscribe to Disney + for 8.99 euros and without time
45seconds is a new media, feel free to share our article on social networks to give us a boost. 🙂
“Devoted gamer. Webaholic. Infuriatingly humble social media trailblazer. Lifelong internet expert.”
