شارک بوٹ اینڈروئیڈ ٹروجن نے cryptocurrency چوری کی اور بینک اکاؤنٹس کو ہیکس کیا

Cleafy and ThreatFabric have discovered a new Android Trojan شارک بوٹ that uses the Accessibility service to steal credentials from banking and cryptocurrency applications in Italy, the United Kingdom and the United States.

ماہرین کے مطابق, the malware has been spreading since October 2021. The malware has not been seen in the official گوگل Play Store yet; instead, its operators seem to trick users into downloading and manually installing the application on their devices (side-loading). مثال کے طور پر, it is known that شارک بوٹ can disguise itself as a media player, streaming application, or data recovery applications.

After installing an application infected with SharkBot, the malware asks the user to grant it access to the Accessibility service. The malware uses the obtained rights to simulate screen touches and perform various malicious tasks, including: granting itself administrator rights, displaying fake login screens, keylogging, intercepting and hiding two-factor authentication SMS messages, as well as accessing banking and cryptocurrency applications for the purpose of transferring funds.

SharkBot is currently targeting 22 banking applications that are used in Italy and the UK, as well as five cryptocurrency related applications. ایک ہی وقت میں, cybersecurity experts write that the malware is still in the early stages of development.

مجھے آپ کو یاد دلانے دو کہ ہم نے یہ بھی لکھا ہے Newly discovered PhoneSpy Spyware Already Infected Over 1000 فونز, اور یہ کہ AbstractEmu Android malware “roots” smartphones and evades detection.