Two additional Android antivirus apps have been found to carry the trojan, which is designed to steal online banking credentials.

The malware has been updated so it does not have to rely on the misuse of an Android device's accessibility permissions to install itself, but is delivered via an update to Mister Phone Cleaner, Kylhavy Mobile Security, NS Android banking trojan

Sharkbot can compromise their private banking details by injecting a fake login page when the official banking app is opened. If this happens, users might see a screen that looks unfamiliar, or at least differs slightly from the normal interface.

SharkBot logd key presses and send them to an external server and intercepts and hides text messages. It can also send out responses to received text and instant messages, spreading the malware via a shortened link.

Sharkbot can let attackers tap remotely into a user’s device, to autofill transaction forms within banking apps and set transfers in motion.

Fortunately it can be killed with a bog standard security scans using a reputable antivirus app for Android,