Technology

Ces malicious applications disclosed in antivirus font des ravages sur Android

Six malicious antivirus applications ont été retirées de la boutique d’applications Google Play. For cause, in lieu of protecting users against cybercriminels, they actually serve as a diffuser of malicious software for voler les mots de passe, les coordonnées banking et d’autres personal informations des utilisateurs d’Android.

Ces malveillantes applications ont été repérées par les chercheurs en cybersécurité de Check Point. Right now, they were downloaded after Google’s official application boutique for more than 15,000 users, who were infected by the malicious Android Sharkbot software.

Vol of sensitive données

Sharkbot is conçu pour voler des noms d’utilisateur et des mots de passe, in inciting the victims to know the informations d’identification dans des fenetres superposées que renvoient les informations aux attackers. Ces derniers peuvent ensuite les utiliser pour accéder à des e-mails, des réseaux sociaux ou, pire, des comptes bancaires en ligne.

The six malicious applications discovered by the visaient chercheurs to attirer the Android users to the search of antivirus, nettoyeurs and security applications.

It is possible that the victims still receive the liens d’hameçonnage which are directed at the download pages of the applications infested by Sharkbot. The applications ont pu contour the protections of the Google Play boutique, the behavior malveillant des applications n’étant activated qu’une fois qu’elles ont été lécharged by a user and that l’application avec les serveurs gérés par les attackers.

Des applications toujours available

« Nous pensons qu’ils ont pu le faire parce que toutes les malveillantes actions ont été déclenchées à part du serveur C&C, so that the application may remain à l’état “OFF” pending a test period dans Google Play et se Mettre à l’état “ON” lorsqu’elle arrivait sur les appareils des utilisateurs », explains Alexander Chailytko, head of cybersecurity, research and innovation chez Check Point Software, questioned by .

I believe that Sharkbot will not infect all of you by downloading it: it uses a geofencing function for identifier and ignores users from China, India, Roumanie, Russia, Ukraine or Belarus. Entre-temps, the plupart des victims que ont lécharged Sharkbot semblent was found au Royaume-Uni et en Italie. After identifying the applications, Check Point communicated their findings to Google, which removed the six applications from the Google Play Store.

Although the applications infected by Sharkbot have been withdrawn from the official Google March, they remain actively available on the site tiers, so users may find they are added to the downloaders.

What faire in cas d’infection?

If you think you have downloaded a malicious application, you should immediately uninstall it, download a legitimate antivirus program to analyze your device and modify the reasons for passing the comptes that you have downloaded.

In case you do not know if you are a telecharger or if it is legitimate for an application, please let us know about your utility and help you, if the application is not legitimate, please let me know.

Source: .com

Woodmart Theme Nulled, WP Reset Pro, Newspaper 11.2, Newspaper – News & WooCommerce WordPress Theme, Premium Addons for Elementor, Rank Math Seo Pro Weadown, WeaPlay, WordPress Theme, Plugins, PHP Script, Jannah Nulled, Elementor Pro Weadown, Woocommerce Custom Product Ad, Business Consulting Nulled, Jnews 8.1.0 Nulled, Avada 7.4 Nulled, Nulledfire, Dokan Pro Nulled, Yoast Nulled, Flatsome Nulled, PW WooCommerce Gift Cards Pro Nulled, Astra Pro Nulled, Woodmart Theme Nulled, Slider Revolution Nulled, Wordfence Premium Nulled, Elementor Pro Weadown, Wpml Nulled, Consulting 6.1.4 Nulled, Fs Poster Plugin Nulled

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker.