SharkBot Malware Reappears On Google Play, Targeting User’s Bank Logins
SharkBot malware’s newly updated version has reappeared in Google’s Play Store, which is targeting bank logins for Android users through apps.
Consequently, several users have downloaded more than thousands of banking apps and now, this upgraded malware targets the login page of such banking apps.
Downloaded App Penetrative Add-In Malware
Initially, the malware was present in two of the Android apps which do not get detected in Google’s automatic review. When the user’s installed such apps into the Android, the SharkBot gets automatically added to the user’s mobile phone.
Notably, researchers found that these two malicious apps are ‘Mister Phone Cleaner’ and ‘Kylhavy Mobile Security’ which already has almost 60,000 users.
Nevertheless, Google play has removed these apps, but users who downloaded the app should uninstall them immediately. Accordingly, when the user logs into their bank account, the malware steals their valid session cookie.
Cookies are valuable for taking control of the accounts because they contain software and location parameters. Afterward, the malware gets access to every bank’s information through the app.
Threat Actors to Third-Party Providers Have Stolen Customer Data at Key Bank
According to a letter that Cleveland-based KeyBank sent to mortgage customers,. hackers stole personal data that consisted of Social Security numbers, addresses, and account numbers of home mortgage holders at KeyBank.
On July 5, the hackers acquired the information after breaking into computers at the insurance services provider Overby-Seawell company. The bank is operating in 15 states and has close to $200 billion in assets, and will not be saying how many of its customers were impacted or be answerable for any other questions regarding the breach.
It claimed in a statement on August 4, it was informed of the data theft and that its systems and operations were not affected. With regards to phone messages and emails sent to executives seeking comment, Overby-Seawell hasn’t responded.
KeyBank, in a statement sent Friday to The Associated Press, said that Kennesaw, Georgia-based Overby-Seawell, had suffered a cybersecurity incident that compromised the data of its corporate clients. It hasn’t elaborated.
