• Home
  • Blog
  • Products
    • Partner Subscription
    • Breach Prevention Platform
    • HIPAA Services
    • Dark Web Monitoring
    • In-Email Training & Email Analysis | Catch Phish Outlook Plug-In
  • Request a Demo
  • About Us
  • Contact Us

Call us at: 877-275-4545

Partner? Login here
Breach Secure Now!Breach Secure Now!
  • Home
  • Blog
  • Products
    • Partner Subscription
    • Breach Prevention Platform
    • HIPAA Services
    • Dark Web Monitoring
    • In-Email Training & Email Analysis | Catch Phish Outlook Plug-In
  • Request a Demo
  • About Us
  • Contact Us

Dangerous Malware Disguised as Antivirus Software

April 18, 2022 Posted by Art Gross Ransomware, Security No Comments

It is so easy to become complacent in our cybersecurity behaviors.  But Android users should be given a shake this week and alerted to malware that is being deployed unknowingly by users who think that they are downloading anti-virus apps via the Google Play store.  There were six different cases found to contain the Sharkbot malware in recent days.  Initially discovered in October of 2021, this banking trojan makes money transfers by stealing credentials and banking information.  

Sharkbot is a type of malware that provides what appears to be a legitimate application and login form, where then the users provide all necessary details and are immediately hacked and transferred to a hostile server. It can also deploy other malicious behaviors and tasks on a device in addition to stealing login credentials. An example of this might be intercepting your bank communications that are sent through SMS text messages. And it has the capacity to bypass multi-factor authentication that is in place.  It initiates money transfers via Automatic Transfer Systems, known as ATS, which is used to better authenticate user ids and flag suspicious money transfers.

Who is (Currently) Targeted?

While no one can avoid being a target of cybercrime, Android users – in fact, as many as 15,000 users were the ones that downloaded and installed one of the applications before they were removed.  Sharkbot malware has not been attacking every user but has been attacking a subset of these users, and by using geofence technology, they identify and avoid users from China, India, Ukraine, Belarus, and Russia.

Developer accounts from Zbynek, Adamcik Adelmio Pagnott, and Bingo Like Inc were the three that had six apps infected with the malware.  These included Powerful Cleaner, Atom Clean-Booster, Alpha Antivirus, and others.

While they have since been removed from the Google Play store, if you or any of your clients downloaded these prior to their removal, they should be uninstalled immediately.   What we learn from situations like this is that a strong cybersecurity posture is a war that does not end once a training course is taken, or a breach occurs.  The need for awareness, training and research into cybercrime tactics being used will never go away as long as we are using electronic devices to share and store our data.  Your service offering should include ongoing training and should always be an integral part of your client’s business process. 

Tags: androidMalwaremobile phones
No Comments
Share
0

You also might be interested in

A Case Study on Dridex Banking Malware

Nov 4, 2015

A form of malware called Dridex is targeting finance employees[...]

Texas Print Shop Hit by Ransomware

Feb 25, 2016

Ransomware that crippled Hollywood Presbyterian Hospital made national headlines but[...]

mobile phone malware

Mobile Phone Spyware

Nov 3, 2022

Can your mobile phone be infected with malware? It sure[...]

Leave a Reply Cancel Reply

Dark Web Assessments

Search

Recent Posts

  • Industry Events and Building Relationships June 2, 2023
  • Reinforcing Cybersecurity Habits & the Dark Web May 26, 2023
  • Voice AI: A New Frontier for Cybercrime & Security May 19, 2023
  • Risk Factor Reminders May 12, 2023
  • Healthcare Cybersecurity May 5, 2023

Contact Us

  • Breach Secure Now!
  • 55 Madison Ave, Suite 400 Morristown, NJ 07960
  • 877-275-4545
  • info@breachsecurenow.com

Get Social

Schedule a Demo

Recent Blog Posts

  • Industry Events and Building Relationships June 2, 2023
  • Reinforcing Cybersecurity Habits & the Dark Web May 26, 2023
  • Voice AI: A New Frontier for Cybercrime & Security May 19, 2023

© 2023 · Breach Secure Now!

Prev Next