Alert ! the malware SharkBot has been spotted in a new burst of Android apps.
So beware if you have recently downloaded a file manager from the Google PlayStore.
Malware hidden… in a file manager
We had discovered it at the end of last year in particular, the SharkBot malware had been talked about again at the start of the year, by slipping into a selection of antivirus applications within the Android PlayStore. Bad news today, since SharkBot is back, and has hidden this time in “file manager” type applications, including a certain X-File Manager.
Note that the X-File Manager application is not the only one concerned. The latter has more than 10,000 downloads, but the malware is also rampant within the FileVoyager application, as well as LiteCleaner M. Prudence therefore.
SharkBot, again and again
Sharkbot has been an unfortunately regular mobile threat for a few months, which can be deployed both through the Google Play Store, but also on other third-party app stores.
Malware that has the one and only objective of attacking ATS (Automatic Transfer Systems), i.e. automatic transfer systems, by automatically filling in the identification fields of banking applications in order to make transfers.
Banks targeted by SharkBot include Barclays, Bank of Ireland, Tesco Bank, ING Italia, Halifax, Hello Bank, Santander UK and CheBanca. According BitDefender, SharkBot would be very present in the United Kingdom (80%), as well as in Italy (16%). Its presence in France would be less than 0.5%.
Of course, the applications in question have all been removed from the Play Store, and the users concerned are invited to delete them, but also to modify their bank identifiers as soon as possible.
Source : TheHackerNews