SharkBot Attack: Cyber Researchers Discover New Malware Targetting Banking Apps on Android Phones

© REUTERS / Dado Ruvic/Illustration3D printed Android mascot Bugdroid
3D printed Android mascot Bugdroid - Sputnik International, 1920, 16.11.2021
Subscribe
New generation SharkBot malware enables cyber criminals to complete auto-fill fields in banking apps in order to steal money.
Several people across the UK, Italy, and the US have reportedly fallen victim to newly discovered malware known as SharkBot that infects banking apps on Android smartphones, stealing users' funds and financial data.
After months of investigation, cyber experts and researchers from cybersecurity firm Cleafy tracked down the SharkBot malware in October. It appears to have a very low detection rate by antivirus programmes.

"The main goal of SharkBot is to initiate money transfers from the compromised devices via Automatic Transfer Systems (ATS) technique bypassing multi-factor authentication mechanisms," the researchers from Cleafy said.

SharkBot not only gives cyber criminals access to victims' smartphones so they can steal money, bank credentials, and cryptocurrency, it also intercepts or hides incoming SMS messages, preventing users from seeing warning notifications from their banks.
The rampant malware attacks on smartphones have been facilitated by new and advanced cyberattack techniques, like that known as automatic transfer system (ATS), which enables attackers to auto-fill fields in legitimate mobile banking apps and transfer money from compromised devices.

"With the discovery of SharkBot, we have shown new evidence about how mobile malware [is] quickly finding new ways to perform fraud, trying to bypass behavioural detection countermeasures put in place by multiple banks and financial services during the last years," Cleafy said.

Like SharkBot, another banking trojan – Gustuff – was discovered in 2019, which reportedly attacked several banking and cryptocurrency apps on smartphones.
Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала