Threat Management

Updated Sharkbot malware spread through fake Android apps

Android device users in the U.S. and various countries across Europe are having their banking logins targeted by two applications with an updated Sharkbot malware variant, BleepingComputer reports. Fox IT researchers discovered that the upgraded Sharkbot malware within the "Mister Phone Cleaner" and "Kylhavy Mobile Security" apps, which have been downloaded 60,000 times combined. Both of the apps, which have since been deleted from Google Play, were found to add the malware in an update following their installation. Sharkbot malware developers were also found to have added bank account login cookie theft capabilities in the latest malware version, which no longer exploits Accessibility Services. "The dropper instead will make a request to the C2 server to directly receive the APK file of Sharkbot. It wont receive a download link alongside the steps to install the malware using the 'Automatic Transfer Systems' (ATS) features, which it normally did," said Fox IT.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.