Whether you use an iPhone or an Android smartphone, you usually install the apps you need from the Apple App Store or the Google Play Store. That is exactly where hackers target unsuspecting users: if you are not careful before installing an app on your smartphone, you might end up getting defrauded. The reason is that some apps on both these stores have malware embedded in them. As soon as these apps are downloaded, they steal your private information, including banking details such as passwords. Now, market analysis firm Check Point Research has found six Android apps on the Google Play Store that spread banking malware while posing as antivirus apps. The six apps are: Atom Clean-booster Antivirus, center security antivirus, powerful cleaner antivirus, Antivirus super cleaner, Alpha antivirus cleaner, and Center security antivirus App.
"When you look for Anti-Virus (AV) solutions to protect your mobile gadgets, you don’t expect these solutions to do the opposite, i.e. make devices vulnerable to malware. That is what the Check Point Research (CPR) team encountered while analyzing suspicious applications found in Google Play. These applications pretended to be real AV solutions whereas in reality they downloaded and installed an Android Stealer known as Sharkbot," the report mentioned.
According to the data provided, the "Sharkbot" malware steals the credentials and banking information of Android users. It lures victims into entering their credentials in windows that mimic benign credential input forms. When the user enters credentials in these windows, the compromised information is sent to a malicious server.
"Sharkbot has a handful of tricks up its sleeve. It doesn’t target each potential victim it encounters, but only select ones, using the geofencing function to identify and ignore users from China, India, Romania, Russia, Ukraine, or Belarus. Evasion methods are also part of Sharkbot’s arsenal. If the malware detects it's running in a sandbox, it stops the execution and quits," according to the research.
The report further stated that these six applications came from three developer accounts: Zbynek Adamcik, Adelmio Pagnotto, and Bingo Like Inc. When their history was checked, it was found that two of them were active in the fall of 2021. A few of the applications linked to those accounts have been removed from Google Play but still exist in unofficial markets. The reason could be that the developers wish to stay under the radar, the research firm said.