The Anatsa banking malware has been targeting Android users in Europe, sneaking onto devices through apps on Google Play. In the last four months, it has affected users in countries like the UK, Germany, and Spain. Security experts found that these malware attacks came from apps that made it to the "Top New Free" section on Google Play, making them seem trustworthy. So far, there have been about 150,000 cases of this malware, but the real number might be closer to 200,000.
According to ThreatFabric, the malware tricked people by hiding in apps that looked like PDF viewers or phone cleaners. One app called ‘Phone Cleaner – File Explorer’ got over 10,000 downloads, and another, 'PDF Reader: File Manager', got more than 100,000. Google has removed most of these harmful apps, but one is still available.
These apps start a complex process to download harmful software without being noticed. They often pretend to need access to special phone settings for valid reasons, like saving battery, but they're actually preparing to install malware.
The malware is smart. It downloads in steps to avoid getting caught by Google's security checks. First, it gets setup instructions from a harmful server. Then, it downloads the actual malware in pieces, making it harder for Google to spot the problem right away.
To stay safe, Android users should be careful about which apps they download. Look for signs that an app might not be safe, like asking for unnecessary permissions. Apps asking for access to special features, especially for things they shouldn't need, might be a warning sign of malware.
Google has said all the known bad apps are now gone from Google Play. Android devices with Google Play Services have Google Play Protect, which helps stop known malware from causing trouble, even if it comes from outside the Play Store.
Read next: Google’s New Policy Changes Come Into Play As Ban On Impersonation And False Affiliation Ads Set To Begin Next Month
According to ThreatFabric, the malware tricked people by hiding in apps that looked like PDF viewers or phone cleaners. One app called ‘Phone Cleaner – File Explorer’ got over 10,000 downloads, and another, 'PDF Reader: File Manager', got more than 100,000. Google has removed most of these harmful apps, but one is still available.
These apps start a complex process to download harmful software without being noticed. They often pretend to need access to special phone settings for valid reasons, like saving battery, but they're actually preparing to install malware.
The malware is smart. It downloads in steps to avoid getting caught by Google's security checks. First, it gets setup instructions from a harmful server. Then, it downloads the actual malware in pieces, making it harder for Google to spot the problem right away.
To stay safe, Android users should be careful about which apps they download. Look for signs that an app might not be safe, like asking for unnecessary permissions. Apps asking for access to special features, especially for things they shouldn't need, might be a warning sign of malware.
Google has said all the known bad apps are now gone from Google Play. Android devices with Google Play Services have Google Play Protect, which helps stop known malware from causing trouble, even if it comes from outside the Play Store.
Read next: Google’s New Policy Changes Come Into Play As Ban On Impersonation And False Affiliation Ads Set To Begin Next Month