SharkBot Android Trojan Preys on American and British Users

Android devices have become a great target for cyberattacks. Many users rely on them to do their online banking, payments, and important communication. In the meantime, they are reluctant to work on enhancing their Android device's defenses, leaving them vulnerable to malware. Malware operators like the ones behind the SharkBot Android Trojan are targeting these exact people with a dangerous Trojan that could be used to hijack financial data, cryptocurrency wallets, and other information.

Currently, the SharkBot Android Trojan campaign is active in the United States and the United Kingdom. However, it is expected that the attack will reach other regions as well. The malware is able to target 22 popular, international banks, as well as five popular cryptocurrency applications that see a lot of use in the United States.

SharkBot Android Trojan Abuses the Android Accessibility Service

Once the SharkBot Android Trojan runs for the first time, it will prompt the victim to grant the app access to the Android Accessibility Service – an attack technique that modern Android malware relies on. By abusing the Accessibility Service, the SharkBot Android Trojan can gain access to personal data, contacts, credentials, and the ability to execute various tasks on the compromised device.

The malware is often disguised as a data recovery tool, media player, streaming app, or another useful utility. These might be available on 3rd-party app stores. The best way to stay safe from such attacks is to use an up-to-date Android antivirus tool, as well as to only download apps from trustworthy sources.

The SharkBot Android Trojan attack happens by displaying fraudulent overlays on top of all other aps and screens – this only happens when the user tries to access one of the apps or banking sites that the criminals are targeting. The fake overlay looks like the original one, but all data the user enters will be sent to the attacker's server. Last but not least, the malware is also able to hijack text messages, log keystrokes, and simulate taps or gestures. This enables the criminals to potentially by pass two-factor authentication.

November 17, 2021
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.