According to the latest news, the well-known Android fraudster SharkBot is back on the Google Play Store by disguising it as a fake security and cleaning program.
In a recent report, Fox-IT of NCC Group reported:
“This dropper isn’t relying on accessibility permissions to install this dropper Sharkbot malware. This new version instead will ask the victim to run the program using fake updates for the antivirus, so that it can be secured against security threats.”
The problem lies in the fact that these apps in question comprise Mister Phone Cleaner and Kylhavy Mobile Security are both running more than the 60,000 installed.
Additionally, they are designed to be used by users from Spain, Australia, Poland, Germany, the United States as well as Austria.
Also Read: Snapdragon 6 Gen 1 Specs Sheet Leaked
According to the reports the droppers are believed to release a fresh version SharkBot named V2 from Dutch cybersecurity firm ThreatFabric.
They’ve rewritten their codebase, a revised command-and control (C2) communications system as well as the domain generation algorithm (DGA).
Other noteworthy capabilities of information theft to be mentioned include:
Alberto Segura and Mike Stokkel the researchers, declared:
“Until the present, SharkBot’s developers appear to have focused on the dropper, in order to continue using Google Play Store Google Play Store to distribute their malware, especially in recent campaigns.”