Monday, December 23, 2024

All UK Android users placed on red alert and ignoring new warning will be costly


Android users are well aware of the dangers of downloading dodgy apps, but there’s a worrying new alert that definitely should not be ignored. Security experts at Zscaler ThreatLabz have discovered a batch of dangerous applications that contain the vicious Anatsa banking trojan. Once installed, this nasty malware is fully capable of allowing hackers to monitor phones and steal personal passwords, which can then be used to attack and steal money from online bank accounts.

All of this is done remotely using screen overlay tactics and it’s likely the phone owner will never know anything is wrong until they check their financial balances.

What makes this new attack even more frightening is that many of the apps found to be capable of installing Anatsa onto devices were readily available on Google’s official Play Store.

Zscaler ThreatLabz says this has led to them being downloaded over five million times.

The most recent apps found to be infecting Android phones include PDF and QR readers. Both managed to infect over 70,000 devices before being removed by Google.

Another reason they have been so successful is that they use the so-called “dropper technique” to infect devices. It’s a clever trick because, on first impressions, the downloaded application looks completely clean and free from malware. However, all is not what it seems: criminals add the money-stealing malware at a later date via an over-the-web update.

“At Zscaler ThreatLabz, we regularly monitor the Google Play store for malicious applications,” the team explained. “Over the past few months, we identified and analyzed more than 90 malicious applications uploaded to the Google Play store. These malware-infected applications have collectively garnered over 5.5 million installs.

“This sophisticated malware employs dropper applications that appear benign to users, deceiving them into unwittingly installing the malicious payload. Once installed, Anatsa exfiltrates sensitive banking credentials and financial information.”

If you think you may have downloaded any dangerous apps – especially two called PDF Reader & File Manager or QR Reader & File Manager – then it’s a good idea to delete them immediately and keep a close eye on your bank account.

As always, before installing anything on your Android device take time to do some research and check things out before tapping the download button.

Look at the developers and make sure they have a good reputation. It’s also a good idea to look at previous reviews and be really careful what permissions you grant the app. If you’re unsure, DON’T download it.

“The recent campaigns conducted by threat actors deploying the Anatsa banking trojan highlight the risks faced by Android users, in multiple geographic regions, who downloaded these malicious applications from the Google Play store,” Zscaler ThreatLabz added.
