Malware on Android: Fake file manager that steals bank details removed from Play Store

Malware on Android: Fake file manager that steals bank details removed from Play Store

Google has removed “disguised” malware from file managers from the official Android store. In a report published last week, cybersecurity firm Bitdefender detailed how the fake apps work, warning that some were downloaded over 10,000 times before being banned from the Play Store🇧🇷

According to experts, the fake applications used malware known as “SharkBot”, known for using fake web pages to steal user bank details without raising suspicions, after all, they were just “file managers”. In all, four applications were discovered with the malicious agent in question.

(Image: Bitdefender)

One of those infected with SharkBot was X-File Manager, a fake application manager published by a developer who identified himself as “Viktor Soft Ice LLC”. This app bypassed Google’s security by using codes that bypassed the application detection system with emulation — a common practice that hides its true nature.

X-File Manager, like a legitimate file manager, required sensitive user permissions, such as reading and writing storage and accessing account information. With these attributes, the app could access any file on the Android smartphone or tablet’s internal or external storage.

The other applications identified with this malware are the file manager “FileVoyager” and the system cleaning assistants “LiteCleaner M” and “Phone AID, Cleaner, Booster 2.6”. These titles mostly targeted victims from European countries.

The United Kingdom is the region with the highest distribution of SharkBot malware (Image: Bitdefender)

Ideally, users should not install third-party file managers that do not have a good reputation on the platform. Files by Google is an example of a legitimate application developed by the big tech itself for Android, offering features such as cleaning storage, indexed file search and much more.

>#wrapperApp {-webkit-box-shadow: 0px 0px 5px 1px rgba(0,0,0,0.23);-moz-box-shadow: 0px 0px 5px 1px rgba(0,0,0,0.23);box- shadow: 0px 0px 5px 1px rgba(0,0,0,0.23);padding: 5px;background-color: white;display: flex;height:155px;}#appImage { width: 25%;} #appLogo { width: 154px;height: 154px;}#appDetails { flex-grow: 1;padding-left:1px;}#name {font-size:150%;}#price, #developer, #tamanho {font-size:80%; }#links{flex-grow: 1;padding-left:50px;}.lojaImg {width: 35px;height: 35px;margin-right:3px;vertical-align:middle;}.lojaImgWindows {width: 27px;height: 27px;margin-left:3px;padding-right:6px;vertical-align:middle;}.storesdivs {margin: 5px;margin-bottom:10px;}.storeslinkmobile {margin-right: 6px;}.stores {margin- right:6px;margin-top:1px;}#lojasmobile{display:none;} @media only screen and (max-device-width: 480px) { #wrapperApp {height:auto;}#appDetalhes {padding-left:42px ;}#lojasmobile {display:block;}#lojalinkmobile {font-size:85%}#nome {pading-bottom:4px;margin-bottom:4px;font-size:110%;}#p reco, #developer, #tamanho {display:none;}.stores{display:none;}.lojaImg {width: 19px;height: 19px;}.lojaImgWindows{width: 19px;height: 17px;}#appLogo {width: 115px;height: 125px;} }

Previous article13th generation Intel Core: new processors leak with up to 6.0 GHz and prices that reach BRL 4 thousand
Next articleCloud-native development: Register now for the Developer Experience
Expert tech and gaming writer, blending computer science expertise