Summary: Security researchers have identified a sophisticated malware campaign distributing the Anatsa banking trojan via a Google Play Store app masquerading as a file manager. The malicious application, which garnered over 220,000 downloads, employed advanced techniques to bypass security checks and compromise user devices. Following its discovery, Google acted promptly to remove the app and launch uninstallation campaigns for affected users.
Affected: Google Play Store users
Keypoints:
- A malicious app disguised as a benign file manager and document reader achieved significant download numbers before removal.
- Anatsa banking trojan uses overlay attacks and credential harvesting targeting financial institutions across various regions.
- Google’s response involves removing the app, initiating a mass uninstallation campaign, and raising awareness about the importance of user education in cybersecurity.
Source: https://gbhackers.com/malicious-android-app-on-google-play/