Check Your Phone – Antivirus Apps Caught Spreading Banking Malware

Proceed at your own risk when it comes to smartphone apps. When you decide to download an app, even if it is from a trusted source, you can expose your data, privacy and even financial information without knowing it.

If you are considering getting into cryptocurrency, you need to be extra careful. On its own, digital currency is a volatile and risky investment, but the risk increases when scams are thrown into the mix. Tap or click here for our report on fake crypto apps and how to avoid them.

While some apps collect data or drain your battery, things get worse. You may think that everything is working as promised, but there is some nefarious activity going on in the background. Some antivirus apps have recently been found in the Google Play Store that are not what they seem.

Antivirus? No, just the opposite

We recently reported on malicious apps that sneaked through Google’s security check to find a place in the Play Store. These apps are designed to proliferate malware and steal information such as PINs, 2FA codes, or login credentials. They also enroll victims in services they have not signed up for and transfer funds that were supposedly invested.

Check Point Research (CPR) discovered six antivirus apps in the Play Store that were spreading Sharkbot banking malware. Sharkbot is a trojan that transfers money from your account to a scammer’s account. This malware is mainly used to steal banking information, intercept text messages and control your phone.

Your daily dose of tech smarts

Learn the tech tips and tricks only the pros know.

RELATED: Dangerous Antivirus App Hides Malware — Remove It From Your Phone Now

In an email to, a CPR spokesperson wrote that more than a thousand unique IP addresses of infected devices were discovered during the investigation, mainly in the UK and Italy.

CPR cites Play Store stats showing over 11,000 downloads. But don’t think you’re safe if you live in the US, as problematic apps like these can appear anywhere.

the apps

Sharkbot malware tricks you into entering your credentials by mimicking the input fields you usually see when entering information. That data is then sent to a malicious server.

CPR has provided a list of the six apps discovered during the investigation:

Atom Clean-Booster, AntivirusAntivirus, Super CleanerAlpha, Antivirus CleanerPowerful Cleaner, AntivirusTwo copies of Center Security – Antivirus

Four of the requests came from three developers: Zbynek Adamcik, Adelmio Pagnotto, and Bingo Like Inc. CPR sent its report to Google and the apps were removed from the Play Store.

Don’t be a victim

Only download apps from official stores such as Google Play and Apple’s App Store. Even then, you should take your time before trusting anything at face value. To reduce the risk of being scammed, follow these tips:

Read the reviews. If the rating is bad or you find any indication that the app may be a scam, move on. Read an app’s permissions before installing it. Check for access to your personal information or any of your phone’s features. If your battery is draining faster than usual, the culprit could be an app you recently downloaded. If you suspect that an app is malicious, report it to the official app store. Get reliable antivirus software on all your devices. We recommend our sponsor, TotalAV† Now, get an annual subscription of TotalAV Internet Security for only $19 at† That’s over 85% off the regular price!

keep reading

Russia-Ukraine War Scams Are Here – Here’s What To Watch Out For


Your daily dose of tech smarts

Learn the tech tips and tricks only the pros know.

Malware in a popular Android app is stealing your Facebook credentials – remove it now

Leave a Reply

Your email address will not be published.