CyberNews Briefs

Thousands of Android users downloaded this password-stealing malware disguised as anti-virus from Google Play

Cybersecurity researchers at Check Point have identified six different fraudulent anti-virus applications that have since been removed from the Google Play store. The applications are parading as tools that help to protect users from cybercrime, however, they actually deliver malware to steal passwords, bank details, and other personal information. The applications primarily target Android users, and were downloaded from the Google Play store by over 15,000 users who were seeking to protect their devices.

The applications leverage the Sharkbot Android malware, which is designed to steal sensitive information by luring its victims to enter their credentials in spoofed windows. When targets input their information, it is immediately sent back to the attackers. Attackers behind the campaign can then use the credentials to gain access to emails, social media, banking accounts, and more. The applications were able to bypass the Google Play store protections because the malicious behavior was not detected until the user had already downloaded the app.

Read More: Thousands of Android users downloaded this password-stealing malware disguised as anti-virus from Google Play

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.