Security News > 2022 > April > Google Play Bitten by Sharkbot Info-stealer ‘AV Solution’
Researchers have found the info-stealing Android malware Sharkbot lurking unsuspected in the depths of the Google Play store under the cover of anti-virus solutions.
While analyzing suspicious applications on the store, the Check Point Research team found what purported to be genuine AV solutions downloading and installing the malware, which steals credentials and banking info from Android devices but also has a range of other unique features.
CPR researchers peered under the hood of Sharkbot and uncovered not only typical info-stealing tactics, but also some characteristics that set it apart from typical Android malware, researchers said.
Researchers first discovered four applications of the Sharkbot Dropper on Google Play on Feb. 25 and shortly thereafter reported their findings to Google on March 3.
Specifically, researchers found the Sharkbot dropper masquerading as the following applications on Google Play;.
The emergence of Sharkbot disguised as AV solutions shows that attackers are getting sneakier in how they hide their malicious activity on the platform, and could serve to damage users' confidence in Google Play, noted a security professional.
News URL
https://threatpost.com/google-play-bitten-sharkbot/179252/
Related news
- Android malware 'Necro' infects 11 million devices via Google Play (source)
- Fake WalletConnect app on Google Play steals Android users’ crypto (source)
- Fake Trading Apps Target Victims Globally via Apple App Store and Google Play (source)
- ‘Pig butchering’ trading apps found on Google Play, App Store (source)
- Over 200 malicious apps on Google Play downloaded millions of times (source)