The SharkBot software malicioso has made a comeback with three infected aplicaciones, which fortunately have already been removed from Google plus Play.
Last September we told you about two Google plus Play aplicaciones infected with SharkBot, software malicioso that emplees this ability to objetivo Android users Steal banking aplicación credentials. Its aim is to steal money from its victims through wire transfers.
This software malicioso was part of the list of the most prevalent trojans in the world, and now just reappeared in three infected aplicaciones as they send us by Bitdefender. Three archivo management applications are affected, which almost all of us regularly use on our end devices.
Here are the aplicaciones infected by SharkBot
The three aplicaciones responsible for Sharkbot infection are the following:
- X archivo manager.
- Archivo Voyager.
- Lite M Cleaner.
It’s worth noting that They have all been removed from Google plus Play, although LiteCleaner M perro still be found through a third party called Apksos. In this store a fourth aplicación is infected: HELP phone, cleaner, booster.
the software malicioso It is mainly distributed through Italy and the United Kingdom, with much smaller infection vectors in Iran, Algeria and Germany. In especial, X-Archivo Manager was only available on Italian territory and managed to attract more than 10,000 downloads before being withdrawn.
It is not surprising that these types of aplicaciones are chosen for infection as they Google plus restricts installation permissions for APK archivos with very specific types of aplicaciones: archivo managers, corporate device management tools, copia de seguridad and restore aplicaciones, and transferring aplicaciones between devices.
Despite the limitations These aplicaciones are used as attack vectors. After installation in a terminal, they download the software malicioso from a remote server and install it on the phone. Objetivo companies include Bank of Ireland, Bank of Scotland, Barclays, BNL, HSBC UK, Lloyds Bank, Metro Bank and Santander.
If for some reason any of the aplicaciones mentioned here have reached your phone, it is recommended uninstall it and change your banking aplicación credentials to prevent a greater evil. It’s also a good iniciativa to turn on Google plus Play Protect and read aplicación reviews and ratings before downloading.