BTC $58270.6324
ETH $3301.4664
BNB $400.6794
SOL $110.0515
XRP $0.5824
ADA $0.6271
AVAX $39.6830
DOGE $0.0970
TRX $0.1429
wstETH $3808.1443
DOT $8.3586
LINK $19.1334
WETH $3305.4834
MATIC $1.0428
UNI $11.0186
WBTC $57881.0446
IMX $3.3465
ICP $13.0316
BCH $301.2119
LTC $74.8427
CAKE $3.2026
ETC $28.3635
FIL $7.9610
LEO $4.4139
RNDR $7.4060
KAS $0.1700
HBAR $0.1136
DAI $1.0002
ATOM $11.3163
INJ $41.0291
VET $0.0502
TON $2.1419
OKB $51.8401
STX $3.2222
LDO $3.5190
FDUSD $0.9951
XMR $138.3902
XLM $0.1221
ARB $1.8935
NEAR $3.9358
TIA $16.9317
GRT $0.2829
WEMIX $2.2582
ENS $22.5313
MKR $2167.8555
APEX $2.4646
THETA $1.9298
BTC $58270.6324
ETH $3301.4664
BNB $400.6794
SOL $110.0515
XRP $0.5824
ADA $0.6271
AVAX $39.6830
DOGE $0.0970
TRX $0.1429
wstETH $3808.1443
DOT $8.3586
LINK $19.1334
WETH $3305.4834
MATIC $1.0428
UNI $11.0186
WBTC $57881.0446
IMX $3.3465
ICP $13.0316
BCH $301.2119
LTC $74.8427
CAKE $3.2026
ETC $28.3635
FIL $7.9610
LEO $4.4139
RNDR $7.4060
KAS $0.1700
HBAR $0.1136
DAI $1.0002
ATOM $11.3163
INJ $41.0291
VET $0.0502
TON $2.1419
OKB $51.8401
STX $3.2222
LDO $3.5190
FDUSD $0.9951
XMR $138.3902
XLM $0.1221
ARB $1.8935
NEAR $3.9358
TIA $16.9317
GRT $0.2829
WEMIX $2.2582
ENS $22.5313
MKR $2167.8555
APEX $2.4646
THETA $1.9298
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • The elusive SharkBot again swam into the still waters Google Play


    This time, the malware is disguised as file managers.

    Bitdefender reports that the SharkBot banking Trojan has resurfaced in the Google Play Store, this time posing as file managers. To bypass the app store's security mechanisms, malicious apps do not contain payloads, but act as droppers.

    One of the main goals of SharkBot is to take control of victims' accounts in banking applications and transfer money from their accounts using an automatic transfer service (ATS), in which it is possible to intercept the transaction and replace the recipient's account with an account controlled by attackers. In order to gain access to banking applications, the Trojan displays fake forms for entering credentials, which immediately send logins and passwords to malware operators.

    Below is a list of malicious apps that have already been removed from Google Play:

    X-File Manager (com.victorsoftice.llc) - 10,000+ downloads
    FileVoyager (com.potsepko9.FileManagerApp) - 5,000+ downloads
    LiteCleaner M (com.ltdevelopergroups.litecleaner.m) - 1,000+ downloads

    It is not surprising that the attackers' choice fell on file managers - this is how they lull the attention of users who calmly grant all the necessary permissions. The following banking applications are known to be attacked by SharkBot: Bank of Ireland, Bank of Scotland, Barclays, BNL, HSBC U.K., Lloyds Bank, Metro Bank and Santander.

    Users who have installed the aforementioned applications are advised by experts to immediately uninstall them and change passwords for all bank accounts. In addition, we recommend that you turn on the Play Store Protect feature and carefully study the ratings and reviews of apps before downloading them.

    Author DeepWeb
    Unit221b secretly helped victims of zeppelin ransomware for 2 years
    PoC exploit code for two dangerous vulnerabilities in Microsoft Exchange Server appeared on the network

    Comments 0

    Add comment