News: Android antivirus apps caught spreading malware
Right where you would least expect it, malware developers are trying just about anything to install their malware on your technology. It was reported that Google has remove several fake apps from the Android Play Store after it was discovered they were actually malware in disguise as antivirus apps.
At least half a dozen apps available on the official Android marketplace were being used to spread malware, according to cybersecurity experts Check Point Research. These apps are:
- Atom Clean-Booster, Antivirus
- Antivirus, Super Cleaner
- Powerful Cleaner, Antivirus
- Center Security – Antivirus (two versions)
These apps were carrying a malware known as Sharkbot, a strain of malware that steals passwords and banking information. Trying to trick the user, it shares push notifications and offers fake login prompts in order to try and steal the users’ credentials.
Although they have since been removed from the Android store, it’s still important to remember that these apps are still active in unofficial markets, and Check Point have advised anyone who has downloaded and installed these apps to uninstall them immediately.
Downloading the app isn’t enough for the attackers to gain access to your credentials: the victim needs to grant the app permission for accessibility services, which is something the app tries to trick the victim into doing. These might be things such as login prompts that will pop up in order to trick the user into putting their details in.
Figures from the Google Play Store shows the apps have been downloaded 11,000 times in total, and more than 1000 unique infected endpoints were identified. Most of the victims are located in Italy and the UK, as some of the apps have geo-fencing features which ignore devices in certain countries, which researchers have used to believe the identity of the attackers may be in one of the countries where devices haven’t been affected. The accounts that uploaded the apps are:
- Zbnek Adamcik
- Adelmio Pagnotto
- Bingo Like Inc.
So how can I protect myself?
Antivirus and antimalware apps are essential to protect your devices from these attacks, and so with malware developers using antivirus apps like a Trojan horse in order to sneak into your devices, it’s important to only use antivirus apps that are trusted and accredited, such as Malware Bytes or Avast security. Lots of articles are available online advising which apps are the one to use and which to trust.
It's also just worth taking a second before putting any information into an app: think, why are my login details being asked for in this moment? Taking a few extra seconds just to consider the situation can help overcome that sensation of panic that these apps are designed to trigger.
Some business like ours will offer not just a supported service of their antivirus packages, but also we specialise in malware and antivirus removal in case the worst happens to you. Take a look at our cyber security services and find a plan that works for you.