These 2 dangerous Android programs have even fooled Google; Delete them now

Although Google Play Store is known as the safest app store for the Android operating system, sometimes there are dangerous apps on this platform. These two Android apps have recently been identified as an important threat.

The smartphones of Iranian users are sometimes full of dangerous malware that enters the phones due to users using unknown and unofficial sources. This has caused Iran to rank first among the most infected with mobile malware. However, Iranian users are not the only victims of dangerous Android apps, and Google Play Store, with its extraordinary security level, contains dangerous apps that endanger the security of users around the world. Recently, two dangerous Android programs have been identified, which until recently could be downloaded without any problems in the Google Play Store.

These two dangerous Android programs stole people’s bank information!

Again, as always, unknown cleaner and antivirus apps are known as dangerous Android apps. Mister Phone Cleaner and Kylhavy Mobile Security antivirus are dangerous Android apps that were downloaded more than 60,000 times. The main purpose of these two programs, which used an advanced version of the notorious Shockbot virus, was to steal users’ bank information.

Why didn’t Google Play Store suspect these programs?

The published information shows that these two dangerous Android programs did not contain any suspicious or dangerous code, and for this reason, Google’s malicious program detection system did not find any problems in these two programs. These programs did not act as a stand-alone virus on their own. Rather, by being installed on Android phones, they became a portal for the entry and activity of Sharkbot in the phone.

It is noteworthy that after downloading the programs by users, Mister Phone Cleaner and Kylhavy Mobile Security antivirus programs asked the user to install an in-app update to access the latest features and update the antivirus security. Installing this in-app update made the user unintentionally bring the Sharkbot virus to his phone.

Although Google Play Store finally noticed the use of these dangerous Android apps from Sharkbot malware and removed them, these two apps are still installed on the phones of many users. If you have installed these programs, you should remove them manually right now. If you are very worried about the security of your device, you can go to factory reset the phone. Of course, remember that by doing this, all your information will be completely deleted.

What is Sharkbot?

Sharkbot malware was first discovered in 2021. In March of that year, many Android apps in the Play Store were infected with this malware. This malware allowed attackers to remotely access critical information on the user’s phone. This information included text messages, contents displayed on the screen, etc. With access to this information, attackers could easily delete users’ accounts.

Although the first version of this program was detected and its danger was partially eliminated, the developers of this malware quickly started developing the second version. This version was seen in some dangerous Android apps in May and August this year. This version could obtain cookies from people’s bank account login information and due to the lack of access to Accessibility Services of the phone, it could not be detected easily by antiviruses.

Also, the developers of these malwares no longer install the malware directly and along with the APK file on the user’s phone. Rather, by using in-app updates, they made Google not suspect them at all. It is interesting to know that the SharkBot codes were also entered into the user’s phone in an encrypted form so that the internal antivirus of the Android phone would have a hard time identifying the dangerous SharkBot program.

This dangerous android virus program is spreading

Currently, this dangerous malware has targeted users from the United States of America, England, Australia, Poland, Germany, Austria, Italy, etc. However, it is better for Iranian users to be careful so that this dangerous malware does not threaten their banking information in the future.

We suggest that you always install the security updates of your phone on time for more security. Get your mobile bank apps only from the official and main website of your bank and don’t trust unreliable sites in any way. Be careful to download programs that have in-app updates and do not go for unknown programs.