- Security researchers found a PDF application for Android with a bank truck
- The Trojan was introduced with a patch, six weeks after the launch
- I had more than 50,000 downloads, so users must be careful
A dangerous Android Bank Trojan has found a way of Google Play Store once again, which can affect tens of thousands of American users, experts warned.
Amense Fabric’s security researchers found an application in Play Store, called ‘Document Viewer – File Reading’, published by a company called ‘Hybrid Cars Simulator, Drift & Racing’ approximately two months ago and having accumulated significant follow -up: about 50,000 people.
Until recently, the application was clean, it worked as planned. Then, between June 24 and 30, he received an update that made it a bank truck called Anatsa.
How to stay safe
This is a piece of known malware that has been smuggled in Play Store on multiple occasions in the past.
Bleepingcomputer The claims in November 2021 researchers found a troyanized application with 300,000 downloads, and in June 2023 a separated with 30,000 downloads. In February 2024 there was another application with Anatsa, counting 150,000 downloads, and in May the same year, two applications with 70,000 downloads between them.
Every time, Google eliminates applications, but attackers seem to find a return path.
Anatsa is a bank trly to first scan the victim’s mobile device, looking for bank applications in North America.
If you find any, it serves a superposition that takes credentials and other login data, giving attackers the ability to start account in accounts and perform transactions. At the same time, the victims are presented with a message that the application is in scheduled maintenance.
The application has now been removed from Play Store, and if it has it installed, it would be advisable to eliminate it and then execute a complete system scan using Play Protect. It would also be recommended to restore the credentials of the bank account.
“All these identified malicious applications have been eliminated from Google Play,” said a Google spokesman Bleepingcomputer. “Users are automatically protected by Google Play Protect, which can warn users or block applications that are known to exhibit malicious behavior on Android devices with Google Play services.”
Through Bleepingcomputer
