Android smartphone users have been issued an urgent warning about downloading apps which could contain invasive SharkBot malware, with thousands already at risk.
SharkBot is a banking trojan which was first discovered in 2018.
At the time, the malicious app targeted cryptocurrency apps, where it would steal the victims' login information. This allowed hackers to use the victims' accounts.
Now the SharkBot malware has returned to the Google Play Store, after cyber criminals have dodged intense security measures - with apps only becoming infected with the bug once downloaded and installed.
The virus, which initially surfaced in March earlier this year, has made its way onto two applications which Android users are being urged to delete immediately for their own safety, The Daily Record reports.
The Mister Phone Cleaner app and Kylhavy Mobile Security app have both been found to be infected with the malware, according to software experts Fox-IT who first made the discovery.
It works by asking smartphone users to install the malware as an update for antivirus apps.
But the update is a fake, and turns the apps into information-stealing tools for criminals.
It mostly affects users in the US, Spain, Australia, Poland, Germany and Austria.
Google has since banned these apps, but anyone with the software still on their phone or tablet should act fast to avoid becoming a victim of cyber crime.
Once installed unknowingly, SharkBot can funnel money from mobile bank accounts, while also creating bogus logins for online services.
This lets hackers steal sensitive information such as usernames and password.
Speaking about the attack, Fox-IT's Alberto Segura said: "This new version asks the victim to install the malware as a fake update for the antivirus to stay protected against threats.
"We have found two SharkbotDopper apps active in Google Play Store, with 10,000 and 50,000 installs each of them."
If you think you may have downloaded these apps then make sure you delete them without delay and check any permissions you may have granted it. It's also worth checking your bank account for any strange transactions - no matter how little or large.
How to delete apps on Android:
- Open the Google Play Store app.
- At the top right, tap the profile icon.
- Tap Manage apps and devices. Manage.
- Tap the name of the app that you want to delete.
- Tap Uninstall.
Earlier this year The Mirror reported a cybersecurity expert's advice on how to keep your data safe online - and it turns out there are some Facebook posts you should definitely avoid.
From asking for the name of your first pet to location-specific posts, there are plenty of sneaky ways for hackers to steal your info without your knowledge.
Security expert Javvad Malik shared five posts that you should absolutely avoid, and some are more common than you might think.
Javvad, who runs security awareness at KnowBe4, said that if you give too much information away online then hackers could use it to extort you, or worse.
