(ANSA) – ROME, APRIL 07 – They pretend to be anti-virus apps, instead they spread banking malware that steal banking credentials and information. It is the discovery of the researchers of the security company Check Point Research who found six applications on the Google Play Store: it counted over 1,000 unique IP addresses of infected devices, especially in Italy. Malicious applications have been downloaded more than 11,000 times. The company reported the results to Google, which removed the malicious apps.
Check Point Research suspects that the attackers are Russian-speaking and warns Android users to also be very careful when downloading anti-virus solutions, which should protect them from viruses. 62% of the victims were found in Italy; 36% in the UK, 2% in other countries.
Hackers have implemented a geo-location feature that ignores users in China, India, Romania, Russia, Ukraine or Belarus.
The offending apps are Atom clean booster, Super cleaner, Alpha antivirus, Powerful cleaner, and two with the identical name Center security. Malware known as Sharkbot steals credentials and banking information. Sharkbot – the researchers explain – attracts victims with push notifications, inducing users to enter credentials by filling in forms.
When the user enters their credentials in these windows, the compromised data is sent to a malicious server.
“I think it’s important for all Android users to know and think twice before downloading any antivirus solution from the Play Store. It could be Sharkbot,” explains Alexander Chailytko, of Check Point Software who recommends installing only trusted and verified applications, and to report apparently suspicious apps to Google.
(HANDLE).
Source: Ansa
I have been working in the news industry for over 10 years now and I have worked for some of the biggest news websites in the world. My focus has always been on entertainment news, but I also cover a range of other topics. I am currently an author at Global happenings and I love writing about all things pop-culture related.
