Cybersecurity firm Bitdefender has reported, through their website, of the discovery of four new mobile applications that have been infected by a banking Trojan to steal your data. specifically for sharkbot, one of the most recurring for several months now because it is quite difficult to detect in the eyes of the common user. And it is that, as reported by the company, it induces you to enter your bank access data in an apparently benign window with the aim of obtaining them. In this way, cybercriminals can access your bank account without raising any suspicion and make purchases with your card or even extract all the money they think is appropriate.
Despite the fact that none of these four applications exceeds 15,000 downloads in both the Android and iOS app stores, any of them could have ended up on your mobile phone because they seem quite reliable. While some promise to be a very practical file manager to have all your documents at hand, others have supposedly been designed to clean up the files on your device that you no longer need or even to speed up your mobile’s performance. For that same reason, it is recommended that you take a look at the different apps that you have on your mobile phone to verify that you do not actually have them on your mobile phone. Although they have been distributed mainly in countries such as Italy, Germany or the United Kingdom, they could also have reached Spain.
These are the four compromised applications
According to Bitdefender, the applications that have been compromised by this Trojan have been X File Manager (10,000 downloads), FileVoyager (5,000 downloads)Phone AID, Cleaner, Booster (1,000 downloads) Y LiteCleanr M (1,000 downloads). But the problem is not in the application per se, but in an update of the same through which cybercriminals install the Trojan on your mobile phone. After installing any of them on your device, the apps will suggest you download an update to improve their performance.
However, what they actually do is install a Trojan on the mobile phone. From BitDefender they explain that the update is done from servers other than Google with the aim of giving extra reliability and going completely unnoticed in the eyes of the user in question. After the victim installs this update, the banking Trojan will begin to request a series of permissions that will later allow it to access the innards of the mobile phone and steal what is necessary.
How to avoid falling for these types of scams
Among other things, the update of this application will ask you for access to read the external storage, to write on it and even to access the different passwords. In this way, cybercriminals on the other side of the screen will be able to access its entrails and carry out all kinds of actions without the user in question noticing. Despite the fact that these four applications have been removed from both the Google and iOS app stores, they are still available on third-party websites. For that very reason, and if you face any of them, we advise you not to install them.
In case you have already done so, delete it immediately and check if there have been any suspicious movements in your account. To avoid this type of attack, it is recommended to consult the reviews of the different applications in the stores before installing them. Thanks to this, you will be able to check first-hand if it is a scam or not and if you should finally download this app.