Your Android phone may already be infected – look for these dangerous HIDDEN apps

DODGY apps that claim to protect people’s phones from cybercrime have actually been caught doing the dirty stuff themselves.

Experts have unmasked six apps masquerading as good antivirus tools.

If you have any of these apps, you should uninstall them now


If you have any of these apps, you should uninstall them nowPhoto credit: Check Point Research

But in reality, the software distributed banking malware designed to help hackers steal passwords and break into accounts.

The dubious apps were downloaded more than 11,000 times, according to Check Point Research, which uncovered the scam.

More than a third of the victims are believed to have come from the United Kingdom, and the remainder have mostly been traced back to Italy.

For the most part, they were found on Android.

Google has since removed the bunch, but that doesn’t protect anyone who’s already downloaded them.

The six apps are:

  • Atom Clean Booster, Antivirus
  • Antivirus, Super Cleaner
  • Alpha antivirus, cleaner
  • Powerful cleaner, antivirus
  • Center Security – Antivirus (available in two versions)

If you have them installed on your phone, you should remove the apps immediately and consider changing your passwords.

Malware called Sharkbot has been found lurking under the hood of the apps.

It is a banking Trojan known for tricking victims into entering their credentials in fake pop-ups.

The valuable data is then secretly sent to hackers, who can then access everything, including email, social media, and bank accounts.

Hackers “speak Russian”

Experts assume that the perpetrators from their investigations speak Russian.

Adding to the suspicion, they found that the apps were programmed not to work against people in China, India, Romania, Russia, Ukraine or Belarus.

But they said they didn’t have enough evidence to point a finger at who exactly was behind it.

“If we look at the number of installs, we can assume that the threat actor hit the mark with their method of spreading malware,” said Alexander Chailytko, cyber security at Check Point Software.

“The threat actor has strategically chosen a location for applications on Google Play that users trust.

“Also of note here is that the threat actors are sending messages with malicious links to the victims, resulting in widespread adoption.

Katie Price, pull yourself together for your kids, says Piers Morgan
Putin with'secret nuclear briefcase' - amid WW3 fears

“All in all, the threat actors’ use of push messages, which solicit a response from users, is an unusual propagation technique.

“I think it’s important for all Android users to know that they should think twice before downloading an antivirus solution from the Play Store.”

A third of the alleged victims live in the UK


A third of the alleged victims live in the UKPhoto credit: Getty
  • Read the latest phone and gadget news
  • Stay up to date on Apple stories
  • Get the latest on Facebook, WhatsApp and Instagram

The best tips and hacks for phones and gadgets

Looking for tips and hacks for your phone? Want to find these secret features in social media apps? We’ve got you covered…

We pay for your stories! Do you have a story for The Sun Online Tech & Science Team? Email us at Your Android phone may already be infected – look for these dangerous HIDDEN apps

Fry Electronics Team

Fry is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – The content will be deleted within 24 hours.

Related Articles

Back to top button