Hitherto little-known banking malware has made it to the Google Play Store disguised as an antivirus app. It is a trojan that sniffs Android smartphones and sends credentials to its unknown supporters. This comes from a report by bleeding computer from. The online magazine was informed of the discovery of the trojan named SharkBot by the security experts of the NCC Group.
SharkBot banking malware has infiltrated the Google Play Store, the official repository for Android apps, pretending to be an antivirus with system cleaning capabilities. Such apps are very popular – so the Trojan had an easy time until it was discovered. Infographic: These are the most successful subject lines in phishing
The main difference from other trojans is that it also transfers money from bank accounts through automatic transfer systems (ATS). This was possible by simulating touches, clicks, and keystrokes on compromised devices. However, according to current knowledge, there have been only a few cases where this has actually happened. It is not known which factors have to come together for this.
It is also said that the trojan has not yet spread widely – and it is not known whether it is due to mischief in Europe. Android users should check if they have an app called “Antivirus, Super Cleaner” by Zbynek Adamcik on their phone and if so, uninstall it. With this app comes the SharkBot Trojan piggybacking.
NCC reports that the money transfer feature is still available in the latest version, but is only used in some cases of advanced attacks. While the trojan app was far from popular, its successful infiltration on the Play Store shows that malware distributors can still bypass Google’s automatic security measures. The app itself has since been removed from the Play Store.
Research Snipers is currently covering all technology news including Google, Apple, Android, Xiaomi, Huawei, Samsung News, and More. Research Snipers has decade of experience in breaking technology news, covering latest trends in tech news, and recent developments.