{"id":145687,"date":"2022-09-05T21:23:44","date_gmt":"2022-09-06T02:23:44","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2022\/09\/fake-antivirus-and-cleaner-apps-caught-installing-sharkbot-android-banking-trojan"},"modified":"2022-09-05T21:23:44","modified_gmt":"2022-09-06T02:23:44","slug":"fake-antivirus-and-cleaner-apps-caught-installing-sharkbot-android-banking-trojan","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2022\/09\/fake-antivirus-and-cleaner-apps-caught-installing-sharkbot-android-banking-trojan","title":{"rendered":"Fake Antivirus and Cleaner Apps Caught Installing SharkBot Android Banking Trojan"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/fake-antivirus-and-cleaner-apps-caught-installing-sharkbot-android-banking-trojan.jpg\"><\/a><\/p>\n<p>The <a href=\"https:\/\/thehackernews.com\/2022\/08\/cybercriminals-developing-bugdrop.html\" rel=\"noopener\" target=\"_blank\">droppers<\/a> are designed to drop a new version of SharkBot, <a href=\"https:\/\/twitter.com\/ThreatFabric\/status\/1524767906780831750\" rel=\"noopener\" target=\"_blank\">dubbed V2<\/a> by Dutch security firm ThreatFabric, which features an updated command-and-control (C2) communication mechanism, a domain generation algorithm (DGA), and a fully refactored codebase.<\/p>\n<p>Fox-IT said it discovered a newer version 2.25 on August 22, 2022, that introduces a function to siphon cookies when victims log in to their bank accounts, while also removing the ability to automatically reply to incoming messages with links to the malware for propagation.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The droppers are designed to drop a new version of SharkBot, dubbed V2 by Dutch security firm ThreatFabric, which features an updated command-and-control (C2) communication mechanism, a domain generation algorithm (DGA), and a fully refactored codebase. Fox-IT said it discovered a newer version 2.25 on August 22, 2022, that introduces a function to siphon cookies [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,45,41,6],"tags":[],"class_list":["post-145687","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-finance","category-information-science","category-robotics-ai"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/145687","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=145687"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/145687\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=145687"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=145687"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=145687"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}