Phone : +91 9582 90 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Android banking trojan: malware-spreading apps were posing as utility tools to steal user data

Android banking trojan: malware-spreading apps were posing as utility tools to steal user data

Android banking trojan: malware-spreading apps were posing as utility tools to steal user data

A new set of dangerous Android apps were successful in bypassing Google’s security to make their way into the Play Store.

Experts have warned that these malware-laden apps were masquerading as utility applications and were able to manage over ten thousand total downloads before it was removed by the tech giant.

According to a report by Bleeping Computer, cybersecurity researchers at Bitdefender were able to discover four such apps which are — “FileVoyager”, “X-File Manager”, “LiteCleaner M” and “PhoneAID, Cleaner, Booster 2.6”.

Why these apps were dangerousAs per the report, these apps were distributing a banking trojan malware named Sharkbot and were able to manage at least 16,000 cumulative downloads. These apps were able to disguise themselves as phone cleaning and file management apps.

The researchers even suggested that by impersonating utility apps, attackers hoped that users won’t get suspicious when these apps would ask for various permissions.

How does Sharkbot work
The report mentions that Sharkbot needs several permissions to control other apps and steal sensitive banking data. This malware takes control of legitimate banking apps and the trojan can steal login data whenever users sign into the app.

How these apps managed to bypass Google’s security
These apps were able to bypass Google’s security checks as they didn’t deliver the malware payload upon installation, the report notes. The trojan was later deployed when the attackers triggered an update for these apps.

Regions targetted by the malware
The report claims that most of the victims were people residing in the UK and Italy. However, the researchers also observed that the attackers were also targeting the bank accounts of users in Iran and Germany as well.

How to stay safe from these apps
Google has already removed these apps from the Play Store. However, some users still might have the apps downloaded on their devices which can be risky. Users who had these apps installed need to delete these apps and change their banking account passwords to mitigate any threat of cybercriminal activities posed by the apps.

You can install an Android antivirus app and keep the Play Protect service enabled to protect against such attacks.

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

Juniper Firewall
Cisco Firewall
Checkpoint Firewall
paloalto Firewall
Fortinet Firewall
Forcepoint Firewall

 

Sophos Firewall
WatchGuard Firewall
Barracuda Firewall
Sonicwall Firewall
GajShield Firewall
Seqrite Firewall

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 9582 90 7788 | Support Number : +91-9654016484
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket

Firewall Firm is a Managed Firewall Security Solution Provider Company in India | Digital Marketing by SEO Company India | Powered by IT Monteur