SharkBot Malware has returned to Google Play Storeand is targeting crypto apps to steal the users login details.
The malware can steal cookies from accounts.
Also, while the user bypasses the authentication methods like fingerprint, it can steal.
After the user installs and launches the dropper apps, the SharkBot malware is added.
A malware analyst, Alberto Segura, posted a tweet about the malware to alert Android users.
The two malicious apps are Mister Phone Cleaner and Kylhavy Mobile Security, which has around 60,000 installations.
So, if you have these apps on your smartphone, immediately remove them manually.
We discovered a new version of#SharkbotDropperin Google Play used to download and install#Sharkbot!
The found droppers were used in a campaign targeting UK and IT!
So the users are forced to enter the password.
The SharkBot malware can bypass two-factor authentication.
A technique bypassing multi-factor authentication mechanisms.
It is explained by Cleafy Labs, an online fraud management company.
They explained it when the malware was first identified.
Scammers can easily take control of smartphones via mobile apps, so most of them target victims via apps.
Last year in October 2021, malware analysts at Cleafy discovered SharkBot.
Then in March 2022, NCC Group found out the apps were infected on Google Play Store.
In May 2022, the researchers at ThreatFabric spotted SharkBot 2.
It came with a domain generation algorithm (DGA).
