Android Trojan Drains Bank Accounts in US, UK, Germany, Austria, and Switzerland

The Anatsa banking trojan has resurfaced with new capabilities, targeting over 600 banking apps and draining accounts of customers in the U.S., U.K., Germany, Austria, and Switzerland. The trojan is being distributed through malicious apps hosted on the Google Play Store, posing as PDF editors and office suites. Users are advised to uninstall specific apps listed in the report. Anatsa collects sensitive financial information using overlays on banking apps and performs fraudulent transactions on infected devices. The stolen funds are converted into cryptocurrency and sent back to the hackers through a network of money mules. Google has removed the identified malicious apps and banned the developers, while Google Play Protect automatically removes known malware-containing apps. Users are advised to limit app installations, avoid downloading free apps, check reviews and ratings, and consider using Android antivirus apps or Google Play Protect.