top of page
  • Admin

These 5 Five Android Apps Are Stealing Banking And Financial Information

Published: December 18, 2022 on our newsletter Security Fraud News & Alerts Newsletter.

According to Statista, there are approximately 134 million Android users in the United States. There’s a good chance that these users have downloaded a variety of apps to either streamline their lives or access entertainment options. After all, that’s one of the really great things about technology. However, it doesn’t come without its issues. According to the latest announcement from Cybersecurity firm Threat Fabric, some Android users may inadvertently be exposing their banking account details to cybercriminals, courtesy of 5 Trojan malware-loaded apps that engage in screen recording and keystroke logging.

How do they do it? These apps may direct users to seemingly legitimate sites – but trouble awaits the unwary. The Trojans are part of a recently identified new family of malware known as Vultur and Sharkbot. If those sound ominous, there’s good reason, they are as threatening as their names suggest.

The Vultur malware reportedly automatically opens a web page and to make it really easy on you, it clicks on advertisements for you. Sharkbot is able to access and gather information about the victim's device - including contacts, information about Wi-Fi networks, banking login credentials, bank account numbers, and other financial information.

Even more worryingly, both Sharkbot and Vultur can intercept incoming text messages, which are often used for verification purposes by financial institutions.

How does it work?

Sharkbot is designed to obtain and misuse financial data by redirecting and initiating money transfers without the Android user's knowledge. The app will continuously display pop-up windows requesting permission to use downloaded app services.

Then Sharkbot malware attempts to make financial transactions via the commonly used Automatic Transfer Systems feature. It allows cybercriminals to auto-fill form fields in financial apps and transfer money; all while bypassing the login and two-factor authentication features.

Take action now

Thankfully, the experts at Threat Fabric have identified the apps that host this family of malware. If you have any of these apps on your Android device, it is essential that you delete them immediately.

  • Recover Audio, Images and Videos

  • Zetter Authentication

  • Fiscale 2022

  • My Finances Tracker

  • File Manager - Small / Lite

The malware threat is ever-evolving. Unfortunately, autodetecting Vultur and Sharkbot is extremely difficult. However, ensuring some type of antivirus program is installed on all devices is crucial. Keep it updated, using the auto-update feature when possible. Then, there’s not need to remember to do it manually. In addition, regardless of what app is being considered, users are advised to exercise extreme caution when downloading apps. Don’t sideload by getting them from unofficial sources and always read reviews for any potential warnings.

Keep up to date: Sign up for our Fraud alerts and Updates newsletter

Want to schedule a conversation? Please email us at


bottom of page