The spyware known as Mister Phone Cleaner and Kylhavy Mobile Security, which is making the rounds on Google Play disguised as apps, poses a threat to banking and cryptocurrency-related apps. The malware has the ability to harvest cookies from accounts and avoid user-input-required authentication techniques like fingerprints. Once installed, the malware, also known as the SharkBot dropper, is used to infect users' devices. Malware expert Alberto Segura warned Android users on Twitter about the reappearance of the dangerous software.
According to Segura, once installed, the virus disables the "log-in with your fingerprint" dialogues, requiring users to enter their password and username instead. Malware called SharkBot is able to avoid two-factor authentication.
According to the Google Play store statistics, the Mister Phone Cleaner app has been downloaded more than 50,000 times. A blue logo with a white and blue broom is used to represent it. The Kylhavy Mobile Security app does not appear in India, even though it has supposedly received over 10,000 downloads, even though it is accessible on the Play Store in India for this app.
Segura wrote in a blog post, "This new Sharkbot dropper asks the user to install the malware as a phoney update for the antivirus to be protected against threats."
The primary objective of the SharkBot malware, according to Cleafy Labs, an online fraud management company, was "to initiate money transfers from the compromised devices via Automatic Transfer Systems (ATS) technique evading multi-factor authentication mechanisms."
Since using mobile apps to control smartphones is simple, many con artists have been using them to prey on unsuspecting people.
US legislators sent letters to tech giants Apple and Google in July requesting information on cryptocurrency-related apps that are available on the App Store and Play Store, respectively. Senator Sherrod Brown, the chair of the Senate Banking Committee, urged the businesses in these letters to detail how they deal with potentially hazardous apps that might be pushing cryptocurrency scams.
"Cyber thieves have constructed bogus smartphone apps using the names, logos, and other identifying information of cryptocurrency organisations. In his letters to the internet behemoths, Brown argued that it was crucial that app stores have the necessary measures in place to guard against fraudulent mobile application activity.
After they were found to be bitcoin fraud apps last year, Google Play deleted eight misleading cryptocurrency apps. These applications included Bitcoin 2021, MineBit Pro - Crypto Cloud Mining & BTC miner, Bitcoin Miner - Cloud Mining, Bitcoin (BTC) - Pool Mining Cloud Wallet, Crypto Holic - Bitcoin Cloud Mining, Daily Bitcoin Rewards - Cloud Based Mining System, and Ethereum (ETH) - Pool Mining Cloud.