Saturday June 22, 2024

Millions of android users at risk as over 90 malicious apps discovered on Google Play Store

Devices of 5.5 million android users infected through seemingly safe popular apps

By Web Desk
May 29, 2024
Over 90 malicious Android apps discovered on Google Play Store. — AFP File
Over 90 malicious Android apps discovered on Google Play Store. — AFP File

Cloud security company Zscaler found out that more than 90 malicious Android apps were lurking in the Google Play store.

In a recent discovery, the company revealed that unsuspecting users downloaded these apps over 5.5 million times. Among the most dangerous threats, the notorious Anatsa banking Trojan, also known as TeaBot, stands out, Zscaler remarked.

Here's how it works:

These apps appear harmless initially. For instance, PDF Reader & File Manager and QR Reader & File Manager won't immediately infect your phone.

These apps create a false sense of security. But once installed, they deliver a second-stage payload—a disguised application update—that contains malicious code.

Anatsa is particularly dangerous because it targets banking apps. After infecting a device, it communicates with a command-and-control server (C2). If it detects any installed banking apps, it sends information to the C2 server, which responds with a fake login page for those apps. If users fall for this trick and enter their login details, hackers gain access to their accounts and can steal money.

While Anatsa primarily targets UK financial institutions, victims have also been reported in the US, Germany, Spain, Finland, South Korea, and Singapore.

Zscaler's researchers haven't disclosed the specific infected apps, but they've likely alerted Google to take action.

Regardless of your location, you need to be cautious when downloading apps. You have to stay vigilant and only download apps from trusted sources.