Skip to Content

SharkBot banking trojan malware

Updated on 2022-11-22

Antivirus maker Bitdefender said it identified four Android apps on the official Play Store acting as downloaders for the SharkBot banking trojan. The apps were file managers but also contained malicious code to help deploy malware on a user’s device after their Play Store installation. Read more: Android SharkBot Droppers on Google Play Underline Platform’s Security Needs

Overview: Google Pulls Malware-Spreading Apps Disguised as Anti-Virus from Google Play Store

Google has pulled half a dozen malicious Android apps from the Google Play Store after they were found to spread info-stealing malware. The apps were installed a total of 15,000 times. The malware, known as Sharkbot, steals credentials and banking data. Researchers from Check Point discovered the malware-laced apps.

Note

  • Beware of software bearing gifts, in this case applications purporting to be anti-virus solutions that install malware instead. Even more dangerous: a user installing what they think is AV is more likely to grant that application all requested permissions. Provide users with approved device security tools and profiles rather than letting them choose their own. Note that these apps themselves didn’t contain the malware; instead, they downloaded it after fooling the user with a pretty icon and otherwise legitimate looking app. As the apps have been pulled from the Play Store, Play Protect will remove them on installed devices, but the damage is likely done, and infected devices will likely need a factory reset.
  • I’d like to see two things: (1) Good data from Google Play Store and Apple App Store on the average time before a bad app is detected and removed; and (2) a security settings switch that filters app store view to only show apps have been published longer than that average. I guess the third thing would be to that average time decrease to hours, then minutes, vs. days.

Read more in

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that\'s committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we haven\'t implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you\'re currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.