Cyber Attackers keep changing their strategies and tactics for stealing sensitive information off mobile devices. In 2022, Ransomware is still the top malware issue but there are other types of malware that are making their presence known. There are quite a few financial trojans that you need to be aware of. In this article, we will investigate the different financial type trojans plaguing Android devices specifically the SharkBot malware. We will review what they are, how they work, and how to protect yourself from them.
According to DataProt, there are 560,000 new pieces of malware detected every day. Businesses fall victim to ransomware every minute. Trojan horses account for 58% of all malware. These are startling statistics. Cybersecurity is an increasing problem for businesses and it is not going away anytime soon. For smaller businesses, cyber threats are a major concern.
What is a Cyber Attack?
A cyber attack is any incident in which an intruder causes disruption to a computer network or system. These attacks often occur without the knowledge of the owners of that system and can affect a person\’s ability to use their computer.
What Are the Symptoms of Cyber Attacks?
DataProt says that users should beware when they notice unusual activity on their device, such as a program that they did not install being installed without their knowledge. Another symptom to look for is the deterioration of security software and notification systems. Users should also be wary if they receive an email from a suspicious source and have to sign in to their account. DataProt recommends that users should back up their devices.
What is Malware and how does it work?
Malware is a term used to describe any malicious software that can infect your computer or mobile device. It can be installed from an email, downloaded from the internet, or even installed on a USB stick. Malware often spreads through spam email campaigns, malicious apps on mobile phones, and social engineering techniques.
Malware is often disguised as something useful or important so you will open it and install it on your system. For example, malware may be disguised as a PDF file of an invoice, a document with a resume attached, or even just an innocent-looking email attachment. Once it has been installed on your device, malware can do all sorts of things like steal personal information like passwords and credit card numbers; access sensitive company information; crash your system; or encrypt all of the data on your hard drive so that you cannot use it
What is SharkBot Malware?
Cleafy Threat Intelligence Team was the first to discover how the malicious software, SharkBot Malware, targets Android devices. It disguises itself as a legitimate antivirus app to gain access to your personal information. First discovered in November 2021, it is a Trojan horse that only becomes dangerous once installed on your device.
SharkBot is usually downloaded from Google Play through 1 of 6 antivirus apps. These apps are Atom Clean-Booster, Super Cleaner; Alpha Antivirus, Powerful Cleaner, and two different flavors of Center Security.
Do not install these 6 Antivirus Apps if they are still available in Google Play. Cyber Attackers will try to shift strategies and tactics so these malware might appear as different apps or install them through a phishing email or text message. Do not install antivirus apps that you are not aware of. Do due diligence and research them before you install any of them.
How Does the SharkBot Malware Work?
The SharkBot malware is a trojan that is part of the TeaBot, FluBot, and Oscorp financial trojan family.
SharkBot can be used to steal information from the infected device, including banking credentials and other sensitive data. SharkBot is capable of siphoning passwords and initiating money transfers from infected devices. It also bypasses multifactor authentication.
What are the techniques used by SharkBot Malware?
SharkBot’s goal is to steal and use banking credentials from Android users and utilizes the following techniques:
- Injected Programs – detect a financial app and try to steal credentials through a false log-in screen.
- Key Loggers – steals passwords by passing the passwords to a server.
- SMS Interception – intercepts SMS messages.
- Remote Control App – takes control of an Android device.
What is TeaBot malware and how does it work?
A new Android Banking Trojan called TeaBot was uncovered in January 2021. This malware installs itself as a home screen and an SMS app. When the user taps on one of these apps, TeaBot will prompt for their banking credentials or text messages, which it will then use to steal money from their accounts or steal the victim’s SMS messages.
What is FluBot malware and how does it work?
FluBot is malicious software that sends phishing text messages to Android and iPhone devices. FluBot is a new kind of malware that was discovered by security company Check Point. It\’s designed to infiltrate Android and iPhone devices and send unwanted text messages to friends and family members to trick them into downloading and installing a malicious app that steals banking, contact, and personal information.
What is Oscorp malware and how does it work?
Oscorp malware abuses Android Accessibility Services to steal sensitive data through a phishing page requesting credentials. The Android accessibility service grants users with disabilities access to various features such as text-to-speech, speaking notifications, and gesture controls. But with this service, scammers can also gain control of your phone.
How to protect yourself from SharkBot Malware?
To protect yourself from SharkBot Malware here are some recommendations:
- Install apps from official and verified publishers
- Install an up-to-date anti-virus program
- Do not fill in forms that are suspicious or pop up on your phone
- Do not install apps from emails
Malware on Android devices is a continuing problem that you need to be aware of. You need to use a reputable antivirus scanner on your devices to help protect you from malware. Remember, the antivirus app needs to know about the malware to be able to catch it. If the malware is new, the antivirus scanner will not pick up the new malware. You need to stay vigilant when installing Android apps onto your devices. Cyber attackers continue to change strategies and tactics so it is good to read up on the current trends in the world. It is also important to stay up-to-date with the latest threats.
If you have any questions, please let me know below. Thanks for reading.