Sharkbot is a new generation of mobile malware as it attack inside the infected devices similar technology which we already seen in some banking Trojan such as Gustuff . SharkBot malware attempt to steal login credentials from the banking application by creating a fake login forms and when user fill the credential on form the attacker get the credentials.
Recently bit defender noticed malicious application in the google play store acting as droppers for SharkBot Banking malware.
 |
| Image by Bitdefender |
Google play store stop such application by not approving such application for its repository so criminals found another covert way to accomplish his goals by a legitimate applications which is doing more or less what it advertise and once user install the application , application drop SharkBot malware depending upon the user location.
Bitdefender found at least 4 application which delivering SharkBot
X-File Manager
* https://play.google[.]com/store/apps/details?id=com.victorsoftice.llc&hl=EN
 |
| Image by Bitdefender |
FileVoyager
* https://play.google[.]com/store/apps/details?id=com.potsepko9.FileManagerApp
 |
| Image by Bitdefender |
Phone AID
* https://www.modapkdown[.]com/com.sidalistudio.developer.app/phone-aid-cleaner-booster-mod/
LiteCleaner M
 |
| Image by Bitdefender |
* https://apksos[.]com/app/com.ltdevelopergroups.litecleaner.m
These application mostly downloaded from the United Kingdom and Italy.As the cover application having the same features as it advertise it is hard to detect such application
 |
| Image by Bitdefender |
No comments:
Post a Comment