Security News > 2022 > November > This Android File Manager App Infected Thousands of Devices with Sharkbot Malware
The Android banking fraud malware known as SharkBot has reared its head once again on the official Google Play Store, posing as file managers to bypass the app marketplace's restrictions.
SharkBot, first discovered towards the end of 2021 by Cleafy, is a recurring mobile threat distributed both on the Google Play Store and other third-party app stores.
One of the trojan's primary goals is to initiate money transfers from compromised devices via a technique called "Automatic Transfer System", in which a transaction triggered via a banking app is intercepted to swap the payee account with an actor-controlled account in the background.
LiteCleaner M is still available for download from a third-party app store called Apksos, which also houses a fourth SharkBot artifact by the name "Phone AID, Cleaner, Booster".
The X-File Manager app, which is only accessible to users in Italy, attracted over 10,000 downloads before it was removed.
That's because Google's Developer Program Policy restricts the permission to install external packages to a handful of app categories: web browsers, instant messengers that support attachments, file managers, enterprise device management, backup and restore, and device transfer.
News URL
https://thehackernews.com/2022/11/this-android-file-manager-app-infected.html
Related news
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)