If you have any of these 4 apps on your mobile, delete them immediately


“SharkBot” is a new family of viruses that threatens Android through Trojans, and has already been discovered in at least four apps on Google Play.

A group of researchers specializing in cybersecurity from NCCGroup has discovered a new family of threats targeting Android users in the form of Trojans.

His name is “SharkBot”and to this day, has already been discovered in at least four applications present in the Google Play Store that accumulate tens of thousands of downloadsand that at the time of publishing this article have not yet been withdrawn from the store.

App drawer on the OnePlus 9

Applications on an Android mobile.

This is how SharkBot acts, the Trojan that can steal your bank details

SharkBot is a “new” generation of malware discovered by the NCC Group and other groups of researchers focused on cybersecurity. Today, Google has already been notified of its presence on Google Play, and it is a matter of time before the company decides to take action on the matter.

The malware was discovered in October 2021, and has since been reappearing in new apps discovered on the Play Store. According to the researchers, it is a malware that unrelated to other popular threats like Flubot or Cerberus.

When it comes to attacking, it uses an advanced technique that is not usually used by other Trojans targeting the Android platform: SharkBot’s main objective is to transfer money from compromised devices through automatic transfer systems. To do this, obtain the necessary permissions to be able to autofill text fields of banking apps and initiate money transfers.

The features of ATS –Automatic Transfer Systems– allow the malware to receive a list of events to simulate, and these will be simulated to perform the money transfers. Since this feature can be used to simulate taps/clicks and button presses, it can be used not only to transfer money automatically, but also to install other malicious applications or components.

In addition to infecting the device of the victim who decides to download the app from Google Play, SharkBot also has the ability to use the auto answer function from android to respond to any notification automaticallydistributing the malware download link to try to spread as much as possible.

  Xiaomi sells 270 thousand units of the Redmi Note 11T Pro in 1 hour

The Four apps discovered with malware inside they pose as applications of antivirus and digital junk “cleaners”. The most popular of all, called “Powerful Cleaner, Antivirus”, has been downloaded more than 50000 times through the store. The full list of apps is available below:

As can be verified, the apps appear to be identical to each other, and even the same promotional screenshots are used. The researchers claim that even the code seems to be a “copy-paste”. Needless to say, if you have any of these apps installed on your device, it is very important that delete it as soon as possible.

Related topics: Applications

disney logo

Sign up for Disney + for 8.99 euros and without permanence Subscribe to Disney+!