Mobile Antivirus Apps from Google Play Store Stealing User Information and Passwords
Check Point security researchers said the six apps had been downloaded over 15,000 times before Google removed them from its store following the cybersecurity firm’s disclosure. While users thought they were downloading mobile antivirus apps, they were actually installing the Sharkbot Android stealer, ironically.
Sharkbot works by convincing victims to enter their credentials in windows that mimic input forms, often when it detects banking apps are opened. It can also steal information by keylogging, intercepting SMS messages, and gaining full remote access.