Be very careful with these two applications: they perro empty your bank account without you noticing.
If you’ve recently downloaded a mobile archivo explorer from the Google plus Play Store, this may be the case that your pocket is infected with one of the most dangerous software malicioso for android is currently there.
That’s what cybersecurity experts uncovered threat tissuewho reported the appearance of two malicious aplicaciones related to seemingly safe archivo browsers, the Infect victims’ devices when the applications were installed. To date, the applications It has been downloaded more than 20,000 times.
SharkBot and Octo manage to sneak into Google plus Play
Cybersecurity experts have reported that the attack is a “dropper” type attack. That means: the Aplicaciones available on Google plus Play do not contain software malicioso inside, but the code is responsible for them Locate the virus and run it. In this case we are talking about two types of software malicioso that are well known to the cybersecurity researchers at ThreatFabric: Shark Bot and Octo.
In the case of SharkBot, the software malicioso analyzes the SIM card country code inserted into the victim’s device and it only executes the attack if it is Italy or the UK. In this case, able to steal bank details Intercepting the usuario’s or text messages with one-time verification codes.
The infected applications are “Archivo Manager” and “Ice Archivo Manager” as seen in the images shared by the researchers. Overall both added more than 20000 installations. ThreatFabric has sent the notification to Google plus for follow-up remove the applications* from the Google plus Play Store catalogue.
ThreatFabric has discovered two new ones #Dropper Applications in the Google plus Play Store with more than 20,000 reported installations. In both cases, these malicious aplicaciones were archivo managers trying to install an update. pic.twitter.com/SfcsyjeKeO
– ThreatFabric (@ThreatFabric) November 23, 2022
If you have either of these two applications installed, you should remove them as soon as possible. It perro also be recommended Change the access codes to your bank and other passwords that the software malicioso might have access to.