Anatsa Targets North America; Uses Proven Mobile Campaign Process

ThreatFabric researchers have identified a new campaign involving the Anatsa Android banking trojan, which is now targeting users in North America. This marks at least the third instance of Anatsa focusing its operations on mobile banking customers in the United States and Canada. As with previous campaigns, Anatsa is being distributed via the official Google Play Store.

What is Anatsa?

Anatsa is a sophisticated device-takeover trojan designed to provide its operators with extensive capabilities. These include stealing credentials through overlay and keylogging attacks, as well as executing fraudulent transactions directly from infected devices via remote control functionalities.

ThreatFabric has been monitoring Anatsa’s activity since 2020 and recognizes the group as one of the most prolific operators in the mobile crimeware landscape. Their campaigns have consistently demonstrated a high level of success. This latest campaign is particularly notable due to its intensified focus on North American targets.

For more details, read the full article here.