Skip to Content
Delete these malicious antivirus apps now before they steal your banking information
© Dragoscondrea |
Security & privacy

Check your phone – Antivirus apps caught spreading banking malware

When it comes to smartphone apps, proceed at your own risk. When you decide to download an app, even if it’s from a trusted source, you could be exposing your data, privacy and even financial information without knowing it.

If you’re considering getting into cryptocurrency, you must be extra careful. On its own, digital currency is a volatile and risky investment, but the risk goes up when scams are thrown into the mix. Tap or click here for our report on fake crypto apps and how to avoid them.

While some apps collect data or drain your battery, it gets worse. You may think everything is functioning as promised, but there’s some nefarious activity going on in the background. Some antivirus apps have recently been found in the Google Play Store that are not what they seem.

Antivirus? No, just the opposite

We recently reported on malicious apps that snuck through Google’s security check to find a place in the Play Store. These apps are designed to spread malware and steal information such as PINs, 2FA codes or login credentials. They also subscribe victims to services they didn’t sign up for and siphon funds that were supposedly invested.

Check Point Research (CPR) discovered six antivirus apps in the Play Store spreading Sharkbot banking malware. Sharkbot is a trojan that transfers funds from your account into a scammer’s account. This malware is mainly used to steal banking credentials, intercept text messages and control your phone.

RELATED: Dangerous antivirus app is hiding malware – Remove it from your phone now

In an email to, a spokesperson for CPR wrote that more than a thousand unique IP addresses of infected devices were uncovered during the investigation, mostly in the U.K. and Italy.

CPR cites Play Store statistics that show more than 11,000 downloads. But don’t think you’re safe if you live in the U.S., as problematic apps like these can appear anywhere.

The apps

Check Point Research

Sharkbot malware tricks you into entering your credentials by mimicking the input fields typically seen when filling out information. That data is then sent to a malicious server.

CPR provided a list of the six apps uncovered during its investigation:

  • Atom Clean-Booster, Antivirus
  • Antivirus, Super Cleaner
  • Alpha, Antivirus Cleaner
  • Powerful Cleaner, Antivirus
  • Two instances of Center Security – Antivirus

Four of the applications came from three developers: Zbynek Adamcik, Adelmio Pagnotto and Bingo Like Inc. CPR sent its report to Google and the apps were removed from the Play Store.

Don’t be a victim

Only download apps from official stores such as Google Play and Apple’s App Store. Even then, you should take your time before trusting anything at face value. Follow these tips to reduce your risk of getting scammed:

  • Read the reviews. If the rating is bad or you find any hint that the app may be a scam, move on.
  • Read any app’s permissions before installing it. Check for access to your personal information or any of your phone’s functions.
  • If your battery is draining faster than usual, the culprit may be an app you recently downloaded.
  • If you suspect an app is malicious, report it to the official app store.
  • Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at That’s over 85% off the regular price!

Keep reading

Russia-Ukraine War scams are here – Here’s what to keep an eye out for

Malware in a popular Android app steals your Facebook credentials – Delete it now

Tech smarts in 2 minutes a day

Get my Daily Tech Update and the Digital Life Hack. Just one minute each and arm you with the tech knowledge you need to impress your boss and friends with how smart you are.