New week, new malware. This time, in the Google application store, two applications have been found that hide two dangerous malware that seek to empty your bank account without you noticing. Also, these apps masquerade as file explorers for users to download.
the two applications would accumulate 20,000 downloads within the Play Store, causing thousands of users to have them on their mobile phones and, therefore, have endangered the integrity of their devices. SharkBot and Octo are the malware that have infected these Applications and that endanger user accounts.
It has been ThreatFabric that have reported this situation, pointing out the applications that contain these malicious elements. Specifically, the applications are File Manager and File Manager Ice, in both cases they have gone through file explorers typical with which the content of mobile phones is managed.
ThreatFabric has already notified Google about these apps and is waiting for them to be removed from the Google app store. Google. Of course, having already 20,000, it is most likely that they are on the phones of thousands of users. In case this is the case, the best thing to do is to eliminate them as soon as possible.
ThreatFabric has discovered two new #dropper applications on the Google Play Store, with a combined count of over 20,000 reported installations. In both cases, these malicious apps posed as File Managers requesting to install an update. pic.twitter.com/SfcsyjeKeO
— ThreatFabric (@ThreatFabric) November 23, 2022
Delete these applications from your mobile phone or you will run out of money in your bank account
How do SharkBot and Octo work? Both malicious contents are not integrated into the applications and, for this reason, they have been able to pass all the protocols of the Google Play Store. What happens is that they have the necessary code so that the malware can be obtained once they are installed inside mobile phones.
Thus, the situation is as follows: you download the app in the Google store, it is installed on your mobile phone and when you are going to use it, what it does is download the necessary elements for the malware to do its thing. In addition, before this you will have given it the necessary permissions so that it can access your data.
As soon as it is fully operational, what it does is intercept the verification messages received so that it can later access the bank account application. The danger of Sharkbot and Octo is at the highest since not only information is stolen, can gain control of the user’s bank account and empty it in a matter of minutes.