90 apps with a dangerous Trojan manage to sneak into Google Play: they have been downloaded more than 5 million times

It has just been discovered that 90 apps on the Play Store are infected by malware and can steal banking credentials

90 apps with a dangerous Trojan manage to sneak into Google Play
Google’s Play Store Infected by 90 Apps with Malware That Are Capable of Stealing Users’ Banking Credentials

Another week in which malware apps are discovered in the Google Play Store. This time, there are 90 applications that accumulate a total of 5 million downloads and whose interior is inhabited by a Trojan. The situation has put millions of users at risk, offering their data to the cybercriminals behind this content.

It has been thanks to an investigation carried out by Zscaler that it has been possible to know the invasion of malware-infected applications in the Google app store. Specifically, it is the Anatsa malware or also known as TeaBot.

Google’s Play Store Infected by 90 Apps with Malware

Anatsa is a very sophisticated malware, in order to infect the different devices it uses a method called dropper that allows you to use benign applications as a kind of Trojan horse. These contents are harmless, but they direct users to download the malware.

Once Anatsa is inside the device, his way of acting is drastic and he dedicates himself to extracting the banking credentials along with the financial information. What the malware is looking for is to completely get hold of any kind of data that could allow cybercriminals to steal users’ money.

Two apps infected by the malware  Image Zscaler
Two apps infected by the malware / Image: Zscaler

The method used to steal the information is overlay and accessibility, as the malware is installed on the device; It has the ability to read the information on the screen and, of course, this applies to when users type their credentials into the different applications.

The applications infected by this malware masqueraded as QR code or PDF readers, being key applications for users and receiving downloads constantly. In some cases, these apps have managed to sneak into Google’s recommendations due to the attention received from users.

This infected content has mainly affected users in the United States, the United Kingdom, Spain, Germany, Finland, South Korea and Singapore. In addition, as these are applications that do not integrate malware, they have been able to sneak into the Play Store without too many problems.

What is clear is that Google must review its policies because users are completely exposed to possible attacks. Despite all the precautions taken, one is never sure enough about what is installed on the device.

Related: Do you use any of these finance apps? Study reveals vast amount of personal data shared with third parties



Leave a Reply