skip to Main Content

Cybercrime, Sharkbot is disguised in Android file managers apps

Sharkbot is disguised in Android file managers apps. The apps work as a dropper for the malware and they are downloaded mostly from UK and Italy. The trojan attempts to steal online bank credentials

Sharkbot is being distributed on Android devices via different apps originally downloaded the from Google Play Store. Bitdefender cybersecurity experts discovered it. They are disguised as file managers and request permission to install external packages (REQUEST_INSTALL_PACKAGES) from the user: the malware. So, they work as a dropper. Today, none of these apps are still available on the Store, but they’re still in the wild across the web in different third-party stores, making them a current cybersecurity threat. Most users who have downloaded the apps are primarily from the United Kingdom and Italy, with a small minority in other countries as well. Sharkbot is a trojan that attempts to steal online bank accounts credentials by displaying fake login forms over legitimate login prompts in banking apps. When a user attempts to log in to their bank using one of these fake forms, the credentials are stolen and sent to cybercrime actors behind the operation.

Back To Top