Anatsa Android Banking Trojan Now Targeting 830 Financial Apps
Active since 2020, Anatsa allows its operators to take over infected devices and perform fraudulent transactions and other various actions on behalf of their victims. Last year, the trojan was seen targeting over 600 financial applications, after expanding to several European countries.
Now, it is also going after mobile users in Germany and South Korea, and is targeting over 150 new banking and cryptocurrency applications, Zscaler reports. The malware was seen being distributed through decoy applications available through the official Google Play store, some of which have amassed over 50,000 downloads.
The security firm says it identified and reported to Google 77 nefarious applications that distributed Anatsa and other malware families and which had over 19 million collective downloads. Most of these applications distributed adware (66.4%), and the Joker malware (24.7%).