6 anti-virus apps on Google Play Store steal 15K Android users' data
07-April-2022

In a bizarre incident, at least 15,000 Android users downloaded anti-malware apps from Google Play Store which, instead of protecting them from hackers, infected their devices to steal passwords, bank details and other personal information, a new report showed on Thursday.
The six malware apps in the disguise of anti-virus apps have now been removed by Google from Play Store but the damage was done.
According to cyber security researchers at Check Point, the apps infected over 15,000 users with Sharkbot Android malware which steals credentials and banking information.
"This malware implements a geofencing feature and evasion techniques, which makes it stand out from the rest of malwares. It also makes use of something called domain generation algorithm (DGA), an aspect rarely used in the world of Android malware," according to the Check Point report.
It identified approximately 1,000 unique IP addresses of infected devices during the time of analysis. Most of the victims were from Italy and the UK.
Sharkbot lures victims to enter their credentials in windows that mimic benign credential input forms. When the user enters credentials in these windows, the compromised data is sent to a malicious server.
"Sharkbot doesn't target every potential victim it encounters, but only select ones, using the geo-fencing feature to identify and ignore users from China, India, Romania, Russia, Ukraine or Belarus," said the report.
"Overall, we saw over 15,000 downloads of these apps from Google Play," it added.
Threat actors are evolving and constantly seeking ways to inject and drop malware at any means possible, including disguising as legitimate "official" apps.
After examining the apps, Google proceeded to permanently remove these applications on Play store. - IANS
Gen Z Protests Push Nepal to Restore Social Media Access After Youth-Led Unrest
Trump Softens Tone on India: “I’ll Always Be Friends With Modi” as Trade Row Deepens
AIADMK Rift Deepens: K.A. Sengottaiyan Demands Return of Expelled Leaders, Ultimatum to EPS
Kerala Custodial Torture Row: Man Alleges Police Tried to Pull Out Teeth With Pliers
Pallavi Joshi Pens Open Letter to President Murmu Over The Bengal Files Release in West Bengal