[ad_1]
Used to pretend to be an antivirus solution
check point Research According to a blog post by Google, these 6 Android apps that appeared as genuine antivirus apps on the Google Play Store were discovered to be droppers for Sharkbot malware. Sharkbot is an Android stealer, which is used to infect devices and steal login credentials and payment details from users. Once the dropper app is installed, it can be used to download malicious payloads and infect users’ devices.
Malware prepared for users of these countries
The Sharkbot malware used by these 6 fraud antivirus apps also used a geofencing feature, which is used to target users in specific regions. According to the Check Point Research team, Sharkbot malware has been designed to identify users from China, India, Romania, Russia, Ukraine or Belarus. The malware can reportedly check when it is being run in the sandbox and stop execution and analysis. During this period, Check Point Research looked at 6 apps from 3 developer accounts Zbynek Adamcik, Adelmio Pagnotto and Bingo Like Inc. The team also talks about AppBrain’s data, which shows that the 6 apps were downloaded a total of 15 thousand times before being removed. Even after being removed from Google Play Store, some apps of these developers are still present in the third party market.
Google’s action
According to Check Point Research, 4 malicious apps were spotted on February 25 and Google was informed about it on March 3. The apps were removed from the Play Store on March 9. Two more Sharkbot dropper apps were then spotted on March 15 and March 22, both of which were reportedly removed on March 27. According to the team of Check Point Research, users should download and install apps only from Google Play Store, Apple App Store or any other trusted and verified space. In this way security is maintained.
Tech News by Careers Ready for the latest tech news, smartphone reviews and exclusive offers on popular mobiles. Android Download the app and follow us Google News Follow on.
[ad_2]