ANDROID owners have been warned about sinister new “bank-raiding” apps that are plaguing peoples’ smartphones.
Experts from ThreatFabric, a cybersecurity research group, uncovered the malware-laden apps lingering on Google Play store last month.
2
2
The trojan malware dubbed “Anatsa” is reportedly being downloaded onto Android devices disguised as legitimate programs such as PDF viewers.
And once installed, Anatsa then collects financial information such as bank account credentials, credit card details and payment information.
The hackers do this by overlaying phishing pages on the foreground when the user attempts to launch their legitimate bank app.
The stolen data is subsequently used to make unauthorised transactions on the victim’s behalf.
Researchers at ThreatFabric have been tracking the malicious activity and claimed there were more than 30,000 installations of Anatsa’s phoney apps in March.
They also discovered Anatsa had run a previous phishing campaigns in 2021, where the attackers impersonated PDF scanners, QR code scanners, Adobe Illustrator apps and fitness tracker apps.
ANATSA’S LATEST STRATEGY
The malware software has targeted customers of office productivity apps from Google Play.
The malicious apps reportedly pose as PDF viewers, editor apps and office suites.
Most read in Tech
ThreatFabric claimed to have reported the apps to Google, who subsequently removed them from the store.
However, the attackers have returned under new guises to evade Google’s stringent code review process, it was reported.
Researchers believe the Anatsa trojan has targeted about 600 financial apps of banking institutions too.
A ThreatFabric spokesman said: “Since transactions are initiated from the same device that targeted bank customers regularly use, it has been reported that it is very challenging for banking anti-fraud systems to detect it.”
The stolen money is usually converted to cryptocurrency and then funnelled through an untraceable web of online accounts, it was reported.
HOW TO STAY SAFE
According to experts, users should avoid installing apps from suspicious publishers, even if they are on reputable marketplaces such as Google Play.
Customers have also been urged to check the reviews and identify if there was a pattern of reports that indicated dodgy behaviour.
If the app has few installs and reviews, it is recommended to be avoided.
