The so-called viruses Xenomorph or Sharkbot and Vultur They can create security breaches when installed on devices through applications and can transmit users’ bank account information to cybercriminals.
According to the Bitdefender report, these platforms can download malware information “in parts” after they have been installed on smartphones, which means that neither the Play Store nor the phone system detects them.
The appearance of file managers that cybercriminals choose to introduce malware is not a random decision. Because one of the indicators of identifying a malicious app is the number of permissions it requests, an administrator is more likely to request access to files than other types of apps like games or flashlights.
In this case, the malicious applications are “X-File Manager”, “FileVoyager”, “Phone AID, Cleaner, Booster” and “LiteCleanr M”, who use a semblance of reliability generated by positive reviews of up to five stars on the platform. from Play Store that they claim are useful for other users, which are actually fake accounts.
According to Bitdefender, these applications seek the user to download an update as soon as it is installed on the device. However, this is not located on a Google server but on another that allows the installation of the malware, with which the infection of the device has been completed in a few minutes. Sharkbot is already on the smartphone and the victim has not noticed it.
When the installation is finished, the application initiates the request to a greater number of aspects of the phone, the most relevant being the access to SMS. This is crucial for the theft of banking information because with this permission the malware can circumvent the two-factor authentication of bank applications: it will be able to read the confirmation codes, passwords and cookies of the users.
Applications of this type are not only after users’ money from the beginning, but also all kinds of personal information that they can obtain from a device and that can be used for cybercriminals to obtain some financial gain as a result of extortion or violation. bank security.
That is why it is important to identify them so as not to download them even when it seems that they are reliable based on recommendations from others. During an exclusive interview with Infobae, David Agranovich, global director of Security Policy at Meta, shared three questions that Meta invites people to ask themselves every time they try to download an application:
– The first one is, what is the point of connecting to a social media account? Some, such as flashlights or information organizers, would not have to request this type of permit because they do not represent a necessity for their operation.
– What is your reputation? This is an important question, but one that needs to be addressed. Many malicious apps often have, as mentioned above, fake accounts with good reviews. However, the most important according to Agranovich are the negative ones.
– Is the app too good to be true? If the answer is yes, then most likely it is. If it promises a lot of benefits for free then it may have other intentions.