2024-02-19
Banking Trojan in Google Play Store
The Anatsa banking Trojan has been found lurking in the Google Play store. This latest version of the malware has expanded its European focus from Germany, Spain, and the UK to include Slovenia, Slovakia, and Czechia. The malware spreads phony cleaner and PDF reader dropper apps. The malware is estimated to have been downloaded 150,000 times from the Google Play Store.
Editor's Note
There is a level of implicit trust given to both Google Play and the Apple app store. Both do a good job vetting applications before placing in their app store. That said, this is the second example in the last few weeks where their vetting processes fell short. Expect cybercriminals to continue to target these app stores, and others, as part of a supply chain attack.
Curtis Dukes
Read more in
Bleeping Computer: Anatsa Android malware downloaded 150,000 times via Google Play
Infosecurity Magazine: Anatsa Banking Trojan Resurfaces, Targets European Banks
The Hacker News: Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries
ThreatFabric: Anatsa Trojan Returns: Targeting Europe and Expanding Its Reach