These Fake Android File Manager Apps Steal Banking Logins

These Fake Android File Manager Apps Steal Banking Logins
BGR may earn an affiliate commission if you purchase a product or service that has been verified by an independent company through a link on our website. © BGR google pixel 7 apps © BGR by Google Apps for Pixel 7

Android device owners beware. More malware has been found in the Google Play Store. The Bitdefender cybersecurity team reports that several fake Android file manager apps infect Android devices with SharkBot banking malware. These fake apps are no longer available in the store, but they may still be on your phone. Store page screenshots show that this malware has been downloaded by thousands of Android users.

As Bleeping Computer explains, SharkBot malware attempts to hijack bank accounts by displaying fake login forms on top of login requests to legitimate banking applications. If you enter your username and password in a fake form, it will be sent to a hacker who can use it to break into your account and steal your money.

In September, we warned about SharkBot malware masquerading as a phone cleaner. Now the attackers seem to have moved on to the file management software. One such app (no longer available on Google Play) was X-File Manager, which has been downloaded over 10,000 times.

Users should not hesitate when downloading the software. The app requires a number of invasive permissions, including reading and writing external storage, installing and removing packages, and accessing account information. But it is a file manager. Logically, this would require more permissions than a typical productivity app.

Finally, the program downloads the malicious payload and prompts the user to install the update. In fact, the user installs the SharkBot malware.

According to Bitdefender, this campaign is specifically targeting users in the United Kingdom and Ireland. If the software detects a SIM card from these regions, it will download malware. Banking applications targeted by the company include Barclays, Bank of Ireland Mobile Banking, Santander Mobile Banking and HSBC UK Mobile Banking.

Bitdefender claims that infected Android devices include FileVoyager, Phone AID, Cleaner, Booster, and LiteCleaner M. If you have any of these apps on your Android device, remove them as soon as possible.

Read more . 4 Serious Android malware has been found on Google Play

The best deals from BGR

  1. Oh, the insane 65 Prime Access sales that Amazon forgot to end!
  2. The six best gaming laptops of 2022
  3. Top 10 netflix. The most famous series in the world now
For more stories like this, follow us on MSN by clicking the button at the top of this page.

Click here to read the full article.

Watch these hackers break into ATMs in seconds