The Anatsa banking trojan has been distributed through fake apps on Google Play, which pose as utilities like PDF viewers and QR readers, with downloads exceeding 50,000. Once installed, it overlays banking apps with fake messages and performs malicious activities such as keylogging and transaction automation, while Google has removed the malicious app from the store. #Anatsa #GooglePlay #BankingTrojan
Keypoints
- The Anatsa trojan infiltrates devices via fake utility apps on Google Play.
- Malware masks its activity with fake notifications about system maintenance.
- It performs keylogging, account access, and transaction automation after infection.
- The malicious app is introduced through updates after initial benign appearances.
- User vigilance is advised to avoid suspicious apps and update security measures.