Security News > 2022 > April > Google Play Bitten by Sharkbot Info-stealer ‘AV Solution’

Google Play Bitten by Sharkbot Info-stealer ‘AV Solution’
2022-04-08 16:06

Researchers have found the info-stealing Android malware Sharkbot lurking unsuspected in the depths of the Google Play store under the cover of anti-virus solutions.

While analyzing suspicious applications on the store, the Check Point Research team found what purported to be genuine AV solutions downloading and installing the malware, which steals credentials and banking info from Android devices but also has a range of other unique features.

CPR researchers peered under the hood of Sharkbot and uncovered not only typical info-stealing tactics, but also some characteristics that set it apart from typical Android malware, researchers said.

Researchers first discovered four applications of the Sharkbot Dropper on Google Play on Feb. 25 and shortly thereafter reported their findings to Google on March 3.

Specifically, researchers found the Sharkbot dropper masquerading as the following applications on Google Play;.

The emergence of Sharkbot disguised as AV solutions shows that attackers are getting sneakier in how they hide their malicious activity on the platform, and could serve to damage users' confidence in Google Play, noted a security professional.


News URL

https://threatpost.com/google-play-bitten-sharkbot/179252/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 103 256 4322 4698 744 10020