Google Removes 6 Apps Posing as Antivirus Apps, Used to Infect Phones With Sharkbot Malware

The apps accumulated a total of 15,000 downloads on the Google Play store before they were removed.

Advertisement
By David Delima | Updated: 8 April 2022 19:23 IST
Highlights
  • Sharkbot is a malware used to steal Android users’ credentials
  • The fake antivirus apps were used to download malicious payloads
  • Sharkbot is designed to target users in specific regions with geofencing
Google Removes 6 Apps Posing as Antivirus Apps, Used to Infect Phones With Sharkbot Malware

The researchers suggest that users should only download antivirus apps from reputed publishers

Photo Credit: Pexels/ Sora Shizamaki

Google has reportedly removed six apps infected with the Sharkbot bank stealer malware from the Google Play store. The apps were downloaded 15,000 times before they were ejected from the store. All six apps were designed to pose as antivirus solutions for Android smartphones and were designed to select targets using a geofencing feature, stealing their login credentials for various websites and services. These infected applications were reportedly used to target users in Italy and the United Kingdom.

According to a blog post by Check Point Research, six Android applications pretending to be genuine antivirus apps on the Google Play store were identified as “droppers” for the Sharkbot malware. Sharkbot is an Android Stealer that is used to infect devices and steal login credentials and payment details from unsuspecting users. After a dropper application is installed, it can be used to download a malicious payload and infect a user's device — evading detection from on the Play Store.

The six malicious applications that were removed from the Play Store
Photo Credit: Check Point Research

The Sharkbot malware used by the six fraudulent antivirus applications also used a ‘geofencing' feature that is used to target victims in specific regions. According to the team at Check Point Research, the Sharkbot malware is designed to identify and ignore users from China, India, Romania, Russia, Ukraine, or Belarus. The malware is reportedly capable of detecting when it is being run in a sandbox and stops execution and shuts down to prevent analysis.

Advertisement

Check Point Research identified six applications from three developer accounts — Zbynek Adamcik, Adelmio Pagnotto, and Bingo Like Inc. The team also cites statistics from AppBrain that reveals that the six applications were downloaded a total of 15,000 times before they were removed. Some of the applications from these developers are still available in third party markets, despite having been removed from Google Play.

Four malicious apps were discovered on February 25 and reported to Google on March 3. The applications were removed from the Play Store on March 9, according to Check Point Research. Meanwhile, two more Sharkbot dropper apps were discovered on March 15 and March 22 — both were reportedly removed on March 27.

Advertisement

The researchers stated that the apps had been downloaded 15,000 times before they were removed
Photo Credit: Check Point Research

Advertisement

The researchers also outlined a total of 22 commands used by the Sharkbot malware, including requesting permissions for SMS, downloading java code and installation files, updating local databases and configurations, uninstalling applications, harvesting contacts, disabling battery optimisation (to run in the background), and sending push notifications, listening for notifications. Notably, the Sharkbot malware can also ask for accessibility permissions, allowing it to see the contents of the screen and perform actions on the user's behalf.

According to the team at Check Point Research, users can stay safe from malware masquerading as legitimate software by only installing applications from trusted and verified publishers. If users find an application by a new publisher (with few downloads and reviews), it is better to look for a trusted alternative. Users can also report seemingly suspicious behaviour to Google, according to the researchers.


Gaana CEO and Spotify's India chief join us on Orbital, the Gadgets 360 podcast, to discuss India's unique music streaming landscape. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement
Popular Mobile Brands
  1. Tecno Pova 7 5G, Pova 7 Pro 5G Launched in India: Price, Availability
  2. Here's How Much the Vivo X Fold 5 and Vivo X200 FE Might Cost in India
  3. The Good Wife OTT Release Date: When and Where to Watch it Online?
  4. Apple Plans to Launch M5-Powered MacBook Pro This Year: Report
  5. NxtQuantum Arrives as Made in India Mobile OS, to Debut on Its AI+ Phones
  6. OTT Releases This Week: Kaalidhar Laapata, Thug Life, The Good Wife, and More
  7. iQOO 13 Launched in india in Green Colourway: See Price, Availability
  8. Samsung Galaxy Z Fold 7 Hands-On Images Suggest It Might Sport This Design
  1. Mivi AI Buds TWS Earphones Launched in India With In-Built AI Assistant
  2. Samsung Galaxy Z Fold 7, Galaxy Z Flip 7 First-Party Cases and Screen Protectors Leaked: See Colours
  3. Nvidia Briefly on Track to Become World's Most Valuable Company Ever
  4. iQOO 13 Green Colour Variant Launched in India: Check Price, Availability
  5. Meta Poaches CEO of Ilya Sutskever's Startup in AI Talent War
  6. Google's AI Overviews Hit by EU Antitrust Complaint From Independent Publishers
  7. Baidu’s MuseStreamer AI Video Generation Model Takes on Google’s Veo 3 With Native Audio Support: Report
  8. Chinese Sales of Foreign Phone Makers, Including Apple's iPhone, Drop 9.7 Percent in May
  9. Huawei Watch Fit 4, Watch Fit 4 Pro Launched in India With In-Built GPS, Up to 10 Days of Battery Life
  10. YouTube to Revise Monetisation Policy to Target Mass-Produced and Repetitive Content
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.