If you have an Android phone, you must be vigilant against malware and take the utmost care when installing apps. But even then, it can be tricky as a dangerous malware variant from earlier this year is back.
In April, cybersecurity researchers found SharkBot malware hiding in seemingly ordinary apps in the Google Play Store. While Google quickly removed the infected applications, a new batch of malicious apps has popped up.
Read on to learn what the latest version of SharkBot is capable of and what you can do to stay safe.
Here’s the backstory
The previous version of SharkBot tricks you into entering login details to social media networks through fake apps, but the new version targets banking apps. The scammers are also more careful about Google’s malware detection, using a new system to load malicious code on your phone.
The initial download contains no malware, allowing it to surpass Google’s automatic review process. But the malware is then added with an app update. Clever. The new version of SharkBot was found in the following two apps:
- Mister Phone Cleaner.
- Kylhavy Mobile Security.
Together the apps have more than 60,000 downloads. In a blog post by Fox IT, security researchers explain that the malware can capture keystrokes, intercept text messages and “automatically make financial transactions using the victim’s device.”
Researchers have discovered these malicious apps in the U.S., Spain, Australia, Poland, Germany and Austria.
What you can do about it
Even though official app stores like Apple’s App Store and the Google Play Store have more robust security protocols than third-party libraries, malicious apps can sneak into them occasionally. That’s why it’s a good idea to be prepared for anything.
Here are ways to protect against malicious apps:
- For Android users: Turn on Google Play Protect by heading to Google Play Store > Profile > Play Protect > Settings and turn on Scan apps with Play Protect.
- Check your phone for security updates by going to Settings > System > System update.
- Watch out for apps that use a similar logo to other popular apps or have similar functions. Also, check reviews to see if others are warning about suspicious activity.
- Pay attention to permissions. Stay away if an app wants full access to your text messages or notifications. Tap or click here for Android phone settings that drastically improve your privacy.
- Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!