• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

SharkBot Malware Found in Android File Manager Apps With Thousands of Downloads

You are here: Home / General Cyber Security News / SharkBot Malware Found in Android File Manager Apps With Thousands of Downloads
November 24, 2022

Variants of the SharkBot malware had been found in quite a few file manager Android applications on the Google Engage in Retail store, some of them with countless numbers of downloads.

When the apps have now been taken down by Google, security scientists at Bitdefender released an advisory previously this 7 days to explain the risk.

“The Google Perform Retail outlet would very likely detect a trojan banker uploaded to their repository, so criminals resort to additional covert procedures,” reads the technological create-up.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


“A person way is with an app, from time to time reputable with some of the marketed functions, that doubles as a dropper for additional insidious malware.”

This was the situation with several file supervisor applications, which ended up disguised as these kinds of to justify the ask for for permission to install exterior deals from the user.

“Of class, that permission is made use of to obtain malware,” Bitdefender wrote. “As Google Enjoy apps only have to have the performance of a file supervisor to install yet another app and the malicious actions is activated to a restricted pool of end users, they are hard to detect.”

In addition, though the apps discovered by the crew are no for a longer period offered on the Google Play Retail store, they can still be identified in distinctive 3rd-party retailers, building them a existing danger.

The first analyzed by the Bitdefender group was ‘X-File Manager,’ formulated by ‘Viktor Delicate ICe LLC’ and counting around 10,000 installs in advance of it was deleted. ‘FileVoyager’ was the next just one, created by ‘Julia Tender Io LLC’ and counting roughly 5,000 downloads.

Bitdefender identified two far more applications next the exact sample, but they were being never accessible on the Google Perform keep. They are called ‘Phone Help, Cleaner, Booster’ and ‘LiteCleaner M’ and were discovered on the web via third-party app retailers.

The majority of consumers who downloaded the destructive applications were from the United Kingdom (80.6%) and Italy (16.2%), with a little minority in other international locations.

Far more info about every particular person malware app is offered in the Bitdefender advisory. Its publication will come weeks following cybersecurity authorities at Cleafy prompt the Android banking Trojan Vultur has arrived at a lot more than 100,000 downloads on the Google Participate in Retail outlet.


Some parts of this article are sourced from:
www.infosecurity-journal.com

Previous Post: «Cyber Security News Sonder confirms data breach, documents and other PII potentially compromised
Next Post: Bahamut Spyware Group Compromises Android Devices Via Fake VPN Apps Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors
  • Top 10 Best Practices for Effective Data Protection
  • Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
  • Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks
  • [Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications
  • Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit
  • Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails
  • Pen Testing for Compliance Only? It’s Time to Change Your Approach
  • 5 BCDR Essentials for Effective Ransomware Defense
  • Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

Copyright © TheCyberSecurity.News, All Rights Reserved.