These fake Android antivirus apps steal banking info, so delete them now

0

Eventually, we hope to stop having to warn Android owners about infected apps that might be on their phones. Unfortunately, today is not that day. Last month, the security firm Fox-IT discovered trojans on Google Play posing as legitimate apps. Google removed the apps, but not before more than 60,000 Android users downloaded them.

Delete these malicious Android apps

According to Fox-IT, the apps “Mister Phone Cleaner” and “Kylhavy Mobile Security” were both droppers for the SharkBot malware. Unlike the previous droppers, neither relied on gaining accessibility permissions to perform the installation of the malware. Instead, the app would ask the user to install a fake update that would include the malware.

The Google Play store listings for the apps reveal that Mister Phone Cleaner had more than 50,000 downloads while Kylhavy Mobile Security had 10,000+. The attackers were targeting users in Spain, Australia, Poland, Germany, the US, and Austria.

The cybersecurity experts at Cleafy first uncovered SharkBot last October. Here’s how their team described the banking malware at the time:

The main goal of SharkBot is to initiate money transfers from the compromised devices via Automatic Transfer Systems (ATS) technique bypassing multi-factor authentication mechanisms (e.g., SCA). These mechanisms are used to enforce users’ identity verification and authentication, they are usually combined with behavioural detection techniques to identify suspicious money transfers.

Since that time, SharkBot has evolved. You can read more about the evolutions on Fox-IT’s blog, but one of the most terrifying is the malware’s ability to steal cookies. The new feature allows hackers to log cookies from banking sites. They can then use this information to steal your account details and hack into your bank account.

Needless to say, if you have either of these apps on your Android device, delete them right away. Google is always making improvements to keep malicious apps off of the Play store. Sadly, hackers are just as determined to steal your data.

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here 

Read original article here

Denial of responsibility! Rapidtelecast.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
Leave a comment