Share:
Check your phone – Antivirus apps caught spreading banking malware
When it comes to smartphone apps, proceed at your own risk. When you decide to download an app, even if it’s from a trusted source, you could be exposing your data, privacy and even financial information without knowing it.
If you’re considering getting into cryptocurrency, you must be extra careful. On its own, digital currency is a volatile and risky investment, but the risk goes up when scams are thrown into the mix. Tap or click here for our report on fake crypto apps and how to avoid them.
While some apps collect data or drain your battery, it gets worse. You may think everything is functioning as promised, but there’s some nefarious activity going on in the background. Some antivirus apps have recently been found in the Google Play Store that are not what they seem.
Antivirus? No, just the opposite
We recently reported on malicious apps that snuck through Google’s security check to find a place in the Play Store. These apps are designed to spread malware and steal information such as PINs, 2FA codes or login credentials. They also subscribe victims to services they didn’t sign up for and siphon funds that were supposedly invested.
Check Point Research (CPR) discovered six antivirus apps in the Play Store spreading Sharkbot banking malware. Sharkbot is a trojan that transfers funds from your account into a scammer’s account. This malware is mainly used to steal banking credentials, intercept text messages and control your phone.
RELATED: Dangerous antivirus app is hiding malware – Remove it from your phone now
In an email to Komando.com, a spokesperson for CPR wrote that more than a thousand unique IP addresses of infected devices were uncovered during the investigation, mostly in the U.K. and Italy.
CPR cites Play Store statistics that show more than 11,000 downloads. But don’t think you’re safe if you live in the U.S., as problematic apps like these can appear anywhere.
The apps
Sharkbot malware tricks you into entering your credentials by mimicking the input fields typically seen when filling out information. That data is then sent to a malicious server.
CPR provided a list of the six apps uncovered during its investigation:
- Atom Clean-Booster, Antivirus
- Antivirus, Super Cleaner
- Alpha, Antivirus Cleaner
- Powerful Cleaner, Antivirus
- Two instances of Center Security – Antivirus
Four of the applications came from three developers: Zbynek Adamcik, Adelmio Pagnotto and Bingo Like Inc. CPR sent its report to Google and the apps were removed from the Play Store.
Don’t be a victim
Only download apps from official stores such as Google Play and Apple’s App Store. Even then, you should take your time before trusting anything at face value. Follow these tips to reduce your risk of getting scammed:
- Read the reviews. If the rating is bad or you find any hint that the app may be a scam, move on.
- Read any app’s permissions before installing it. Check for access to your personal information or any of your phone’s functions.
- If your battery is draining faster than usual, the culprit may be an app you recently downloaded.
- If you suspect an app is malicious, report it to the official app store.
- Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!
Keep reading
Russia-Ukraine War scams are here – Here’s what to keep an eye out for
Malware in a popular Android app steals your Facebook credentials – Delete it now
Tags: Apple, apps, banking credentials, battery, cryptocurrency, download, financial information, Italy, malware, Play Store, scams, smartphone apps
Share: