Installing an app on your Android smartphone only takes a couple of clicks, but you should be cautious. Some apps could load malware that could harm your phone. A report from Threat Fabric warns about five Android apps that could steal personal banking data stored on your smartphone.
These apps use a banking Trojan called Sharkbot to steal your login credentials, bank account number, and other financial information. This data helps the attackers to snatch money from your bank account. At a glance, these Trojan malware-loaded apps look like legitimate apps. Per the report, a malware dropper pretends to be an app to help you calculate taxes in Italy.
An app listed as Codice Fiscale in the Play Store with over 10,000 installs checks the country where your SIM is registered. If the phone has a SIM registered in Italy, it’ll open a shady Codice Fiscale Play Store web page.
Next, it’ll show you an update is available for the app, and tapping on it’ll begin loading the banking Trojan. Some browsers might warn about this malicious update before downloading it. No mischievous activity will occur if the code doesn’t match with Italy once.
While this app only targets users in Italy, another dropper app called ‘File Manager, Lite’ preys on banking apps used in the UK, Austria, Italy, Germany, Spain, Poland, the US, and Australia.
There’s another banking Trojan called Vultur, loaded with three malware droppers. Vultur keeps track of all taps and gestures you make on your phone. Like Sharbot, it also uses a fake update to load the malware on your phone. Remove these five apps from your phone immediately:
- Recover Audio, Images & Videos (100,000 downloads)
- Codice Fiscale 2022 (10,000 downloads)
- Zetter Authentication (10,000 downloads)
- File Manager Small, Lite (1,000 downloads)
- My Finances Tracker (1,000 downloads)