Cybercriminals are using SharkBot malware to steal Google Play logins

On the Google Play Store, there is a new malware called ‘SharkBot.’ SharkBot Malware is assaulting Android phones by stealing their money from banking and crypto accounts. Moreover, this app targets delicate banking credentials, credit card info, and personal information to destabilize access to financial associations linked to people in the US, UK, and Italy. 

However, this malware existed in two Android apps available on the Google Play store that did not attribute any malignant code when introduced to Google’s automatic review. After the user installs the apps, SharkBot takes place in their system and flings the butcher apps.

Expansion of SharkBot

The malicious Sharkbot was discovered by security firm Cleafy. Discovering SharkBot verifies a GenX of mobile malware now competent for executing attacks inside an ailing device. This threat can engulf banking protective measures and layout without arising from the official Google Play Store.

SharkBot impersonates an innocuous-looking media player, TV player app, or data restore. Therefore, installing the SharkBot in the devices prevents being seen and spreads access to banking authorization, account balances, credit card details, and other recognizable personal details. Also, SharkBot can autocomplete sections in legalized banking apps and then convey money from the sufferers.

SharkBot Malware: A Cyber Nightmare

The new Android banking adware is primarily concentrating on starting by transferring money from negotiable devices. Therefore, by using an approach that detours multi-level identification protective protocols frequently used by financial organizations.

• Most banking apps use two-step identification, and the malware can detour it. 
• It can disguise itself from the Android phone’s home screen
• Documentation shortcut of fatality to learn credentials and acquire control
• The ability of execution signing on the side of loss
• Can take over complete control of infected Android phones
• Interrupt the banking communications sent by text from infected devices.

Social media links and alongside are the most sneaky way SharkBot malware affects its victims. Moreover, Google Play Store does not contain any copies at this warning time. The installation of an application package can result in a hazardous trojans transfer with files from computer to a mobile device.

ESOF AppSec protect your Android devices from SharkBot

ESOF AppSec provides you with comprehensive testing of the applications in several environments. Moreover, on Android and iOS devices, it detects any security or privacy issues and scans your complete mobile app source code. 

Human inspections and automated reviews combine to enhance source code security by identifying SharkBot Malware and eliminating business logic errors and security flaws.

• Instead of wasting time reviewing detailed and lengthy reports, it provides you with the cyber Risk Score. The risk score will help you secure the entire network’s security posture.
• ESOF Scanners give exact results by executing Grey Box and Black Bos testing. Hence, eliminating too many false positives.
• Your apps will undergo penetration testing during the Agile or DevSecOps lifecycle, eliminating the flaws in your entire IT stack.

Don’t be quick to click!
Keep your apps safe with ESOF AppSec. 

Download the ESOF Appsec DataSheet for more details.