Everyone with an Android phone in their possession must be on high alert right now and be very careful when downloading apps. That’s the latest warning from security experts who say millions of phone users have been installing software that feature worrying cyber threats. In fact, according to Zscaler’s ThreatLabs team, a whopping 77 dodgy apps are thought to have made their way onto the Google Play Store, with some laced with the nasty Anatsa bug that can steal banking details and enable fraudulent transactions.
What makes this attack even scarier is the way it gets onto devices in the first place. When originally downloaded, everything appears fine and the app works as expected. However, once installed, an update is then pushed out by the cyber crooks which contains the viscous banking bug.
“Anatsa uses a dropper technique, where the threat actors use a decoy application in the official Google Play Store that appears benign upon installation,” Zscaler explained.
“Once installed, Anatsa silently downloads a malicious payload disguised as an update from its command-and-control (C2) server. This approach allows Anatsa to bypass Google Play Store detection mechanisms and successfully infect devices.”
This method of infection makes things incredibly hard to spot, but Android users can protect themselves by following one very simple rule.
“Our research demonstrates the techniques that Anatsa and other Android malware families leverage for distribution through the official Google Play Store,” Zscaler explained.
“Android users should always verify the permissions that applications request, and ensure that they align with the intended functionality of the application.”
That’s solid advice and something everyone should consider before installing software onto phones. Always check the reviews and spend some time researching the developer.
Another top tip is to make sure Google Play Protect is switched on. This free service checks apps and devices for harmful behaviour.
It also runs a safety check on apps from the Google Play Store before downloading them and warns about potentially harmful apps.
It even has the ability to deactivate or remove harmful apps from a device.
Now is definitely not a good time for Android users to let their guard down. Alongside Anatsa, there have been more attacks.
ThreatLabz’s latest report says it identified and reported a total of 77 malicious applications from various malware families to Google. These include the worrying Joker bug which can read and send text messages, snap sneaky screenshots of what you are doing, make phone calls, and steal contact lists.
It’s even been known to sign those infected up to premium services without them knowing.
Google has now removed all of the dangerous apps from its platform but stay alert and only install things once you’ve done some research.