Tag: Anatsa

All articles tagged with #anatsa

technology, 1 year ago

Delete These Dangerous Fake Google Play Updates from Your Android Device

Over 90 malicious Android apps, part of the Anatsa malware campaign, were discovered on the Play Store, collectively installed over 5.5 million times. These apps, including PDF Reader & File Manager and QR Reader & File Manager, infected at least 150,000 devices. Users are advised to uninstall these apps immediately and change banking app passcodes. To avoid malware, scrutinize app listings, trust only reputable developers, and be cautious of permissions requested.

technology, 1 year ago

Over 90 Malicious Android Apps with 5.5M Downloads Found on Google Play

Over 90 malicious Android apps, including those distributing the Anatsa banking trojan, were found on Google Play with over 5.5 million installs. Anatsa targets financial apps to steal e-banking credentials and has recently resurfaced via decoy apps like 'PDF Reader & File Manager' and 'QR Reader & File Manager.' Despite Google's efforts to remove these apps and ban their developers, the incident highlights ongoing risks and the need for users to scrutinize app permissions.

technology, 1 year ago

"Urgent Alert: Android Users Targeted by Widespread Malware Threat"

Anatsa, a banking trojan, has infected at least 150,000 smartphones in Europe by disguising itself within apps like Phone Cleaner and PDF Reader. The malware abuses Android's Accessibility Service to install itself and steal banking information. Google has removed the malicious apps from the Play Store, but users are advised to delete them from their devices. To protect against similar threats, users should be cautious of apps promising phone performance enhancements, check for well-written descriptions and high-quality images, and scrutinize user reviews for any signs of suspicious behavior.

cybersecurity, 1 year ago

"Anatsa Android Malware Spreads to Millions of Samsung Galaxy Users via Google Play"

The Anatsa banking trojan has infected at least 150,000 Android devices in Europe through dropper apps hosted on Google Play, targeting specific geographic regions and using tactics to bypass security measures. The malware has evolved to abuse Android’s Accessibility Service and employs a multi-staged infection process. Google has removed most Anatsa dropper apps from the store, but the total number of downloads is expected to increase. Android users are advised to scrutinize app permissions and avoid downloading apps from unfamiliar publishers to protect against potential malware threats.

malware-mobile-security, 1 year ago

"Anatsa Android Trojan Expands Global Reach, Evades Google Play Security"

The Anatsa Android banking trojan, also known as TeaBot and Toddler, has expanded its reach to include Slovakia, Slovenia, and Czechia in a new campaign observed in November 2023. Despite Google Play's enhanced detection and protection mechanisms, the trojan's droppers have successfully exploited the accessibility service and bypassed Android 13's restricted settings. Anatsa is distributed through innocuous-looking apps on the Google Play Store and can gain full control over infected devices, execute actions on a victim's behalf, and steal credentials for fraudulent transactions. The latest campaign involved five droppers with over 100,000 total installations, with one dropper masquerading as a phone cleaner app and leveraging versioning to introduce malicious behavior. The trojan's abuse of the accessibility service is tailored to Samsung devices, and the campaign demonstrates a targeted approach that concentrates on specific regions for financial fraud.

mobile-security-malware, 2 years ago

"Anatsa Android Trojan Drains Bank Accounts in US, UK, and Germany"

Anatsa banking trojan is targeting banking customers in the US, UK, Germany, Austria, and Switzerland through dropper apps on the Google Play Store. The trojan steals credentials used to authorize customers in mobile banking applications and performs Device-Takeover Fraud (DTO) to initiate fraudulent transactions. Anatsa has backdoor-like capabilities to steal data and can bypass existing fraud control mechanisms to carry out unauthorized fund transfers. The dropper apps exploit the restricted "REQUEST_INSTALL_PACKAGES" permission to install additional malware on the infected device. ThreatFabric warns that the recent Google Play Store distribution campaigns demonstrate the immense potential for mobile fraud and the need for proactive measures to counter such threats.

cybersecurity, 2 years ago

Anatsa Android Trojan Targets Banking Users in Multiple Countries, Drains Accounts

The Android banking trojan Anatsa is being distributed via the Google Play Store, with over 30,000 installations in the US, UK, Germany, Austria, and Switzerland. The trojan collects financial information by overlaying phishing pages on legitimate banking apps and via keylogging. Anatsa supports targeting nearly 600 financial apps from around the world and uses the stolen information to perform on-device fraud. Users are advised to be vigilant when installing apps on Android devices and to avoid apps from dubious publishers. Google has removed the identified malicious apps from the Play Store and banned the developers.