An advanced banking malware known as SharkBot has been discovered on the Google Play Store for the second time. It was first discovered in November 2021, the treacherous malware is camouflaged as an antivirus app with virus detection and system cleaning capabilities. By exploiting the accessibility permission on Android devices and granting itself other necessary permissions, the updated version of the SharkBot malware can transfer money utilizing Automatic Transfer Systems (ATS). It intercepts or hides SMS messages and uses the device’s accessibility settings to get complete remote control of the Android device.
As a result, it can detect when a user opens a banking app and uses that information to execute matching web injection attacks and steal the user’s bank credentials.
Smartphone users are advised to use caution while downloading apps from different app stores and to do additional security checks if they are unsure. Furthermore, users should try to bring down the number of apps on their devices to a bare minimum and avoid installing unwanted apps.
