They discovered six Android apps that masquerade as antivirus in order to transmit banking’malware.’

CHECK POINT/GOOGLE PLAY STORE – Malicious programs posing as antivirus to spread banking malware

Researchers from Check Point Research uncovered six programs in the Google Play Store that spread banking’malware’ while posing as antivirus to steal users’ credentials.

The six Google Play Store apps transmit a’malware’ known as Sharkbot, which allows attackers to steal credentials and banking information from Android users.

Its’malware’ pops up a window that looks like the credential entry forms. Users’ credentials are transferred to a malicious server when they enter them. It spreads by sending victims communications with malicious links and ‘push’ messages, according to a statement.

His activity, according to Check Point Research, also had a geofence limitation, since it did not run if the device users were in China, India, Romania, Russia, Ukraine, or Belarus.

According to the cybersecurity firm, these malicious ‘software’ were advertised as antivirus solutions on the Google Play Store (Atom Clean-Booster, Antivirus; Antivirus, Super Cleaner; Alpha Antivirus, Cleaner; Powerfull Cleaner, Antivirus; y dos llamadas Center Security, Antivirus).

Following the results, Check Point Research notified Google, and he withdrew them from his digital store after further investigation. They are, however, nevertheless prevalent in unofficial markets, according to researchers.

By Editor

Leave a Reply