New malware 'SharkBot' attacking banking apps on Android phones
IANS 16 November 2021
Cybersecurity researchers have discovered a new Android Trojan that can circumvent multi-factor authentication on banking apps on smartphones, putting users' financial data and money at risk.
 
Called 'SharkBot', the Android malware has been found in attacks across Europe and the US, focused on stealing funds from mobile phones running the Google Android operating system.
 
"The main goal of SharkBot is to initiate money transfers from the compromised devices via Automatic Transfer Systems (ATS) technique bypassing multi-factor authentication mechanisms," the researchers from cyber security firm Cleafy said in a statement.
 
"These mechanisms are used to enforce users' identity verification and authentication, and are usually combined with behavioural detection techniques to identify suspicious money transfers," the team added.
 
'SharkBot' appears to have a very low detection rate by antivirus solutions since multiple anti-analysis techniques have been implemented.
 
"Once SharkBot is successfully installed in the victim's device, attackers can obtain sensitive banking information through the abuse of Accessibility Services, such as credentials, personal information, current balance, etc., but also to perform gestures on the infected device," the researchers informed.
 
'SharkBot' belongs to a "new" generation of mobile malware, as it is able to perform ATS attacks inside the infected device.
 
This technique has already been seen recently from other banking trojans, such as Gustuff.
 
ATS (Automatic Transfer System) is an advanced attack technique (fairly new on Android) which enables attackers to auto-fill fields in legitimate mobile banking apps and initiate money transfers from the compromised devices.
 
The malicious app is installed on the users' devices using both the side-loading technique and social engineering schemes, the report said.
 
Disclaimer: Information, facts or opinions expressed in this news article are presented as sourced from IANS and do not reflect views of Moneylife and hence Moneylife is not responsible or liable for the same. As a source and news provider, IANS is responsible for accuracy, completeness, suitability and validity of any information in this article.
Comments
Free Helpline
Legal Credit
Feedback