Anatsa Android trojan now steals banking info from users in US, UK


A new mobile malware campaign since March 2023 pushes the Android banking trojan ‘Anatsa’ to online banking customers in the U.S., the U.K., Germany, Austria, and Switzerland.

According to security researchers at ThreatFabric, who have been tracking the malicious activity, the attackers are distributing their malware via the Play Store, Android’s official app store, and already have over 30,000 installations via this method alone.

ThreatFabric discovered a previous Anatsa campaign on Google Play in November 2021, when the trojan was installed over 300,000 times by impersonating PDF scanners, QR code scanners, Adobe Illustrator apps, and fitness tracker apps.

Read more…