SharkBot Malware Appears on Google PlayStore – Here’s How It Targets Crypto Apps

Wrapped as Mister Phone Cleaner and Kylhavy Mobile Security apps, a malware is circulating on Google PlayStore. This malware affects applications related to banking and cryptocurrencies. It is capable of stealing account cookies and bypassing authentication methods that require user input, such as fingerprints.

The malware called SharkBot dropper is used to infect users’ devices once it is installed. Alberto Segura, a malware analyst has tweeted about this resurgence of malware on Twitter to alert Android users.

According to Segura, once this malware is installed, it cancels the ‘login with fingerprint’ dialogs so that users are forced to enter the password and username. SharkBot malware is capable of bypassing two-factor authentication.

According to public statistics from Google PlayStore, Mister Phone Cleaner app has more than 50,000 downloads. The app is represented by a blue logo showing a white and blue broom. While this app is available on the PlayStore in India, the Kylhavy Mobile Security app is not listed in India but is reported to have over 10,000 downloads.

Segura said in a blog post: “This new Sharkbot dropper asks the victim to install the malware as a fake update so that the antivirus remains protected against threats.”

Cleafy Labs, an online fraud management company, has explained that the main goal of the SharkBot malware is to initiate money transfers from the compromised devices via the Automated Transfer System technique bypassing multi-factor authentication mechanisms. .

Various scammers have been trying to exploit Android users as mobile apps are an easy way to take control of smartphones.

To recall, a crypto mining malware that was disguised as a Google Translate app, had been breaking into thousands of computers. According to a study by Check Point Research (CPR), this malware named “Nitokod” has been developed by a Turkey-based entity as a desktop application for Google Translate.

Many Google users have downloaded this app on their PCs in the absence of Google’s official desktop app for translation services. Once this app is downloaded, it sets up an elaborate crypto mining operation on infected devices.

See all the news and tech updates on Live Mint. Download The Mint News app for daily market updates and live trading news.

more less

subscribe to mint newsletters

* Please enter a valid email

* Thank you for subscribing to our newsletter.

post your comment

Leave a Comment