Confirmed – Over 90 Android apps on Google Play steal your banking information – check this list before it’s too late

Who would think that downloading an app to read PDFs or scan QR codes would put their banking information at risk? Well, that’s exactly what’s happened to millions of Android users. A sophisticated new malware called Anatsa managed to sneak into more than 90 apps on Google Play, and before they were taken down, they had been downloaded more than 5.5 million times! This virus hides in innocent-looking apps, taking advantage of our trust to steal sensitive information without us even noticing. If you use Android, we’ll tell you how to recognize these dangers and what to do if you’ve already installed one of these apps.

What happened what?

A report from cybersecurity firm Zscaler has brought to light something alarming: more than 90 malicious Android apps have managed to sneak into Google Play in recent months. Among them, a particularly sophisticated Trojan called Anatsa stands out, designed to go unnoticed while stealing sensitive information from users.

Worst of all, this set of malware applications has been installed on more than 5.5 million phones…

How the Anatsa malware tries to trick Android users

According to BleepingComputer, since Thursday Google has removed from its store all the applications highlighted in the report.

These include Anatsa, also known as “TeaBot”, along with other malicious programs that were posing as PDF and QR code reading apps, photography tools and even health and fitness applications. According to the outlet, this discovery exposes a “high risk” of malicious apps being able to evade Google’s review filters and reach users’ devices.

Although in this case, Anatsa only represents 2% of the most popular malware, it is very damaging, as this virus is known to attack more than 650 financial institutions! And two of its QR and PDF readers had accumulated more than 70,000 downloads at the time this report was published, which is crazy.

How does this virus work?

Once installed as a regular app, Anatsa uses advanced tricks to remain undetected and access users’ banking information. Two such disguised apps are mentioned in the report: “PDF Reader and File Manager” by Tsarka Watchfaces and “QR Reader and File Manager” by risovanul. With names like that, it’s easy to see why Android users might fall for it unsuspectingly – don’t judge yourself if that’s the case for you.

Because many people have fallen for this trap, and it’s normal, because how are we supposed to know that a PDF reader or a photo editing application hides so much malice behind it?

In addition, these fake applications acted as if they were normal applications while they were trying to steal information.

Google has already been working on removing these apps and, as we have seen, has removed more than 90 apps, but how many are still there willing to harm users?

Advices for the future

Google has already been working on removing these apps and, as we have seen, it has removed more than 90 apps, but how many are still there ready to harm users?

This situation reminds us of how vulnerable we are on the web, because look how downloading seemingly harmless apps can turn our lives upside down.

The fact that these apps managed to infiltrate the Google store alerts us to the risks that still exist and continue to exist. As consumers, we must be careful and distrust any app, especially those that promise simple functions but require unusual permissions. Keep your device updated and check carefully before installing any app; sometimes, the threat hides in the most unexpected places. Protecting our information is essential in a digital world where security is never guaranteed!