Skip to Content
password stealing apps
© Iryna Shatilova | Dreamstime.com
Security & privacy

More password-stealing apps spotted – Check your phone

You probably have apps on your phone that you never use or perform the same function as programs that came with your device. All those extra apps are just slowing things down. Tap or click here for steps to keep your phone fast and safe.

When it comes to malicious apps, Android users need to be more careful than Apple fans. One reason is there are more Android users globally, so cybercriminals see them as a more promising target.

As you may have already guessed, more bad apps have been found in the Google Play Store. These are designed to steal your passwords. Read on to find out what you should do next to stay protected.

Here’s the backstory

We always advise only to download apps from the official Google Play Store. That’s because Google has a more robust vetting process than third-party app stores. But sometimes, bad apps will slip through the cracks.

A malicious app risks your devices being infected with malware, and some can steal things like banking passwords to social media credentials. According to Bitdefender researchers, criminals have been using dropper apps recently to spread the SharkBot banking Trojan.

The problem has grown since October. Several apps hiding SharkBot have been spotted in the Google Play Store and have been downloaded more than 130,000 times.

One such app is a file manager application that requests permission to install external packages, a standard request for this type of app. 

Bitdefender explained that permission is then used to infect your device with malware. It helps bypass Google’s security checks in the Play Store. You see, the apps are clean when you download them, so the malicious activity isn’t detected.

But once the app is on your device and you permit it to install external packages, it will infect your gadget with malware. It’s quite devious. This scheme was spotted targeting people in Italy. However, it can expand globally whenever the bad actors choose. So you must be vigilant.

Malicious apps found in Google Play Store

In the case of the Italian malware package, it checks whether the phone is in Italy. If it is, it launches a fake Google Play Store page impersonating the app page, including inflated reviews and downloads. 

This instance of SharkBot targets Italian users. However, the payload delivered still has banks from Italy, the U.K., Germany, Spain, Poland, Austria, U.S. and Australia in its target list.

Simply put, it is incredibly easy for hackers to target American users and steal their online account passwords, banking credentials and other personal information stored on their Android phones.

Here are some of the apps that Bitdefender found to be infected with SharkBot:

  • X-File Manager.
  • FileVoyager.
  • Phone AID, Cleaner, Booster 2.6 APK.
  • LiteCleanerM.

If you have any of these apps installed on your phone, you must remove them immediately. Here’s how:

  • Long-press an app, then tap App Info > Uninstall
  • Or go to Settings > Apps & Notifications to see a list of your apps and delete them the same way. 
  • You can also open the Google Play Store app and navigate to Menu > My apps & games. Tap on the app and hit Uninstall.

Ways to protect against malicious apps

With bad apps showing up on official app stores more regularly, it’s a good idea to take preventative measures to avoid falling victim. Here are a few steps you can take.

  • For Android users: Turn on Google Play Protect by heading to Google Play Store > Profile > Play Protect > Settings and turn on Scan apps with Play Protect.
  • Check your phone for security updates by going to Settings > System > System update.
  • Watch out for apps that use a similar logo to other popular apps or have similar functions. Also, check reviews to see if others are warning about suspicious activity.
  • Pay attention to permissions. Stay away if an app wants full access to your text messages or notifications. Tap or click here for Android phone settings that drastically improve your privacy.
  • Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Tech security tip: How to remove malware from your phone or computer

Hackers are hiding malware in PNG files – Here’s what to watch for

cryptocurrency e-book hero

New eBook: ‘Cryptocurrency 101’

Don't want to lose your dough to crypto? Check out my new eBook, "Cryptocurrency 101." I walk you through buying, selling, mining and more!

Check it out