Delete this app now.
AFP via Getty Images
Whisper it quietly, but while warning after warning urges Android users only to install apps from Google’s official Play Store, some of those apps are still as dangerous as sideloading. More alarmingly, it’s often the same threat over and over.
So it is with the latest report from Zscaler’s ThreatLabz, which has just “identified another malicious Android app in the Google Play Store.” At the time of reporting, the app was still live with 50,000 installs and counting. “The app is disguised as a document reader / file manager, but actually downloads the Anatsa trojan.”
If it’s installed on your phone, remove it.
In August I reported that Google had deleted a number of Anatsa laced apps from its store. At the time, Google told me “protection against these malware versions was already in place through Google Play Protect prior to this report. Based on our current detection, no apps containing these versions of this malware are found on Google Play.”
Anatsa, which is commonly known as TeaBot, “steals credentials, monitors keystrokes, and facilitates fraudulent transactions.” it is continually evolving, and each time it reappears it has a new set of nasty tricks and more advanced obfuscation.
Anatsa is a banking trojan, targeting hundreds of specific financial institutions to steal user credentials — as they engage with apps on their phones, and then their money.
Per Cybersecurity News, “users face risks of stolen banking credentials via fake logins or automated fraud, especially in North America, where prior strains ranked high in ‘Free Tools’ sections. Google has bolstered Play Protect, but timely researcher reports remain crucial.” That said, ensuring Play Protect is always enabled is critical.
Earlier this year, Zscaler reported that “alongside Anatsa, it had identified and reported 77 malicious apps from various malware families to Google, collectively accounting for over 19 million installs.” Google always removes the apps and ensures Play Protect is updated. But the dangerous game of cat and mouse shows no signs of abating.
