Google takes action on fake antivirus Android apps


If you want to keep safe, here are some tips.

Android antivirus applications have been found to be propagating malware that targets and steals financial information from users.

Experts in the field of computer forensics It was revealed that several apps on the Google Play Store were disseminating malware known as Sharkbot by Check Point Research(opens in new tab). When active, this virus may steal bank information and Android user credentials from an unwitting phone when the app it’s hidden in is loaded.


Users are tricked by false forms, which are then transmitted back to the command and control server, where they may be abused by hackers and cyber criminals in the future.

They include “Antivirus Super Cleaner,” “Alpha Antivirus, Cleaner,” “Atom Clean-Booster,” “Antivirus,” “Center Security,” and “Powerful Cleaner, Antivirus”

(Image credit: Check Point Research)

Around 15,000 people have downloaded and installed these bogus apps, according to Check Point Research. A malicious programme has been actively abused, hence this is malware.


Despite the fact that Google was made aware of the malicious applications and has now deleted them from its Play Store, the harm appears to have already been done.

In spite of Google’s quick response, which deleted applications tied to threat actors’ accounts, new droppers from various accounts attempted to infiltrate Google Play. According to Check Point researchers Alex Shamshur and Raman Ladutska, “the harm from 15,000 thousand installations had already been done.”

As Check Point discovered, the malware dropper employed geofencing to keep Sharkbot from targeting users in China, India, Romania, Russia, Ukraine or Belarus. This is rather interesting. Malware spread mostly to computers in Italy and the United Kingdom, according to reports. The virus may have been able to infect the Google Play Store because of this strategy.


Hidden Android spyware can infect your device.

Having an antivirus app installed on your smartphone is a common piece of cyber security advice. Researchers, on the other hand, say it’s not always that simple.

There is no assurance that a new AV solution that surfaces on Google Play today will not turn out to be a malware spreading menace in the future. With the Sharkbot spyware, we were able to see exactly what we were looking for.” Rather than uploading the virus directly to Google Play, the intermediary link masquerades as a genuine application in this spreading method.”

When it comes to protecting oneself from cyberattacks, what are some of the best ways to do so? “Install apps exclusively from trusted and verified publishers” is what Check Point recommends. If you’re interested in an app from a new publisher, look for similar apps from a well-known developer. In addition, Check Point advises users to notify Google of any dubious apps they come across.


And if you have any doubts about the validity of an Android app, we recommend that you steer clear of it entirely—especially if it needs side-loading.

Please check out our comprehensive guide to the best antivirus software on the market, which covers both free and paid options.


Leave a Comment