Security researchers have uncovered a widespread infiltration of malicious apps on the Google Play Store.
Over 90 apps, collectively downloaded a staggering 5.5 million times, were found to harbor various forms of malware and adware.
The malicious apps masqueraded as legitimate tools, personalization apps, photography utilities, productivity software, and even health & fitness apps. This deceptive tactic made them appear harmless to unsuspecting users, leading to millions of downloads before their true intentions were revealed.
Among the identified malware families were Joker, Facestealer, Coper, and the notorious Anatsa banking trojan. Anatsa, also known as Teabot, has seen a recent surge in activity, targeting over 650 financial institutions across Europe, the US, the UK, and Asia. This trojan aims to steal users’ e-banking credentials, enabling attackers to carry out fraudulent transactions.
The malicious apps employed various tactics to compromise user devices and data. Some apps delivered intrusive adware, bombarding users with unwanted advertisements and potentially tracking their online behavior. Others, like Anatsa, focused on stealing sensitive financial information, posing a severe risk to users’ financial security.
