Android users are being urged to exercise caution when downloading new apps, even those sourced from Google’s official Play Store, following a warning issued by security experts. Research by cybersecurity experts found more than 90 applications suspected of carrying the malicious Anatsa bug amongst other harmful malware.
Once installed within devices, this nefarious virus is designed to gain access to confidential banking and financial information via cunning overlay and accessibility schemes. This enables cyber attackers to discreetly gather and intercept data, leaving users oblivious until losses start occurring.
Dangerous apps, as highlighted by Zscaler ThreatLabz, have been downloaded in millions across both the UK and the US. The current crop accounting for over 5 million downloads with Anatsa particularly targeting banking applications, reports the Mirror.
READ MORE: HMRC refunds jump to £1,562 with hands-on workers most likely to be overtaxed
The deviousness of this kind of attack emanates from its “dropper technique” by which phones are infected. Initial encounters with the downloaded app would suggest no harm at all, while the infiltrating malware gets added through subsequent updates.
Cyber analysts Zscaler ThreatLabz, said: “We regularly monitor the Google Play store for malicious applications. Over the past few months, we identified and analyzed more than 90 malicious applications uploaded to the Google Play store. These malware-infected applications have collectively garnered over 5.5 million installs.
“This sophisticated malware employs dropper applications that appear benign to users, deceiving them into unwittingly installing the malicious payload. Once installed, Anatsa exfiltrates sensitive banking credentials and financial information.”
The latest apps discovered to be infecting Android phones include PDF and QR readers. Both managed to infect over 70,000 devices before being removed by Google.
If you suspect you may have downloaded apps named PDF Reader and File Manager or OR Reader and File Manager, it’s advisable to delete them immediately and monitor your bank account closely.
As always, prior to installing anything on your Android device, take a moment to do some research and verify things before hitting the download button.
Examine the developers and ensure they have a solid reputation. It’s also wise to look at previous reviews and be extremely cautious about what permissions you grant the app.
If you’re uncertain, DON’T download it. “The recent campaigns conducted by threat actors deploying the Anatsa banking trojan highlight the risks faced by Android users, in multiple geographic regions, who downloaded these malicious applications from the Google Play store,” added Zscaler ThreatLabz.
