More password-stealing apps spotted – Check your phone

November 21, 2022

By Kim Komando

You probably have apps on your phone that you never use or that perform the same function as programs that came with your device. All those extra apps are just slowing things down.

When it comes to malicious apps, Android users need to be more careful than Apple fans. One reason is there are more Android users globally, so cybercriminals see them as a more promising target.

As you may have already guessed, more bad apps have been found in the Google Play Store. These are designed to steal your passwords. Read on to find out what you should do next to stay protected.

Here’s the backstory

We always advise downloading apps only from the official Google Play Store. That’s because Google has a more robust vetting process than third-party app stores. But sometimes, bad apps will slip through the cracks.

A malicious app puts your device at risk of being infected with malware, and some can steal anything from banking passwords to social media credentials. According to Bitdefender researchers, criminals have been using dropper apps recently to spread the SharkBot banking Trojan.

The problem has grown since October. Several apps hiding SharkBot have been spotted in the Google Play Store and have been downloaded more than 130,000 times.

One such app is a file manager application that requests permission to install external packages, a standard request for this type of app. 

Bitdefender explained that this permission is then used to infect your device with malware. It helps bypass Google’s security checks in the Play Store. You see, the apps are clean when you download them, so the malicious activity isn’t detected.

But once the app is on your device and you permit it to install external packages, it will infect your gadget with malware. It’s quite devious. This scheme was spotted targeting people in Italy. However, it can expand globally whenever the bad actors choose. So you must be vigilant.
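For readers comfortable with Android's developer tools, here is one way to list the apps on a phone that have asked for this install permission. This is an added example, not code from Bitdefender or the original article; it assumes the text comes from `adb shell dumpsys package`, and the package names in the sample are made up.

```python
import re
INSTALL_PERM = "android.permission.REQUEST_INSTALL_PACKAGES"

# Constructed sample in the layout printed by `adb shell dumpsys package`
# (assumed input format); the package names are invented for this example.
SAMPLE_DUMPSYS = """\
Packages:
  Package [com.example.filemanager] (1a2b3c4):
    flags=[ HAS_CODE ALLOW_CLEAR_USER_DATA ]
    requested permissions:
      android.permission.INTERNET
      android.permission.REQUEST_INSTALL_PACKAGES
    install permissions:
      android.permission.INTERNET: granted=true
  Package [com.example.notes] (5d6e7f8):
    flags=[ HAS_CODE ]
    requested permissions:
      android.permission.INTERNET
  Package [com.android.vending] (9a8b7c6):
    flags=[ SYSTEM HAS_CODE ]
    requested permissions:
      android.permission.REQUEST_INSTALL_PACKAGES
"""

PKG_RE = re.compile(r"^\s*Package \[([^\]]+)\]")

def apps_that_can_sideload(dumpsys_text, include_system=False):
    """Return packages that request permission to install other packages."""
    requested, system, pkg, in_requested = {}, set(), None, False
    for line in dumpsys_text.splitlines():
        m = PKG_RE.match(line)
        if m:  # a new package record starts here
            pkg, in_requested = m.group(1), False
            requested[pkg] = set()
            continue
        if pkg is None:
            continue
        text = line.strip()
        if text.startswith("flags=[") and " SYSTEM " in text:
            system.add(pkg)  # preinstalled app, skipped unless asked for
        elif text == "requested permissions:":
            in_requested = True
        elif in_requested and text.endswith(":"):
            in_requested = False  # next section, e.g. "install permissions:"
        elif in_requested and text:
            requested[pkg].add(text.split(":")[0])
    return sorted(p for p, perms in requested.items()
                  if INSTALL_PERM in perms and (include_system or p not in system))
```

An app showing up in this list is not proof of infection, since the permission is a standard request for file managers; treat the result as a shortlist of apps worth a second look.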

Malicious apps found in Google Play Store

In the case of the Italian malware package, it checks whether the phone is in Italy. If it is, it launches a fake Google Play Store page impersonating the app page, including inflated reviews and downloads. 

This instance of SharkBot targets Italian users. However, the payload delivered still has banks from Italy, the U.K., Germany, Spain, Poland, Austria, U.S. and Australia in its target list.

Simply put, it is incredibly easy for hackers to target American users and steal their online account passwords, banking credentials and other personal information stored on their Android phones.

Here are some of the apps that Bitdefender found to be infected with SharkBot:

If you have any of these apps installed on your phone, you must remove them immediately. Here’s how:

Ways to protect against malicious apps

With bad apps showing up on official app stores more regularly, it’s a good idea to take preventative measures to avoid falling victim. Here are a few steps you can take.


https://www.komando.com/tips/software-and-apps/password-stealing-apps-android/