The Android malware SharkBot has attacked users across Europe and the United States. It mainly focus on stealing money via Android apps.
SharkBot Malware Attacks Banking Apps on Android
The cybersecurity researchers have issued a statement about SharkBot, saying “The main goal of SharkBot is to initiate money transfers from the compromised devices via Automatic Transfer Systems (ATS) technique bypassing multi-factor authentication mechanisms.” ATS is an Automatic Transfer System, an advanced attack technique that is new on Android. It enables the attackers to auto-fill fields in the legal mobile banking apps and transfers the money from the phone. The team says, the mechanisms are used to apply the users verification identity and authentication. SharkBot malware have low detection rate by antivirus solutions as multiple anti-analysis techniques are implemented. Once the attackers are successful in installing the SharkBot on the victim’s device, they can get all the sensitive baking details via the abuse of accessibility services. They get details like credentials, personal information, current balance, and more. SharkBot is a new generation of mobile malware, as it can perform ATS attacks in the devices. Already, this technique is seen in other banking trojans like Gustuff. The attackers installs the malicious app on the devices by using the side-loading technique and social engineering schemes. Earlier in October, the cybersecurity researchers from Cleafy and ThreatFabric found a malware after one of the domains used for its command and control servers. The malware was distributed from that time. It is said that SharkBot is a private botnet and is still in the early stage of development. So, beware of such banking apps on Android phone.