SharkBot Malware Resurfaces On Google App Store

A newly improved version of a malware-targeting banking and crypto app, SharkBot, has just resurfaced on the Google Play market, now able to collect cookies from account logins and bypass biometric or authentication constraints.

On September 2, malware analyst Alberto Segura and treatment intelligence analyst Mike Stokkel posted a warning about the latest version of the virus on their Twitter accounts, posting their co-authored article on the Fox IT blog.

The current version of the malware, according to Segura, was discovered on August 22 and is capable of launching overlay assaults, collecting data through keylogging, intercepting SMS messages, and providing threat actors complete remote control of the host device by abusing Accessibility Services.

The new malware version was detected in two Android apps with 50,000 and 10,000 downloads, respectively. The two apps were initially approved for the Play Store because Google’s automated code review found no dangerous code, but they have since been withdrawn. However, customers who installed the apps are still vulnerable and should remove them manually.

An in-depth investigation by the Italian security firm Cleafy discovered that SharkBot had identified 22 targets, including five cryptocurrency exchanges and several international banks in the United States, United Kingdom, and Italy.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join CoinCu Telegram to keep track of news: https://t.me/coincunews

Follow CoinCu Youtube Channel | Follow CoinCu Facebook page

Harold

CoinCu News