Hot topics

Get Rid of These Spyware Apps that Plunder Your Bank Account

terovesalainen security protection
© terovesalainen/Adobe Stock

Read in other languages:

Over the past few months, more than 5.5 million installations of infected apps on smartphones have been recorded. What are the consequences of this huge wave of infection? Data theft and hacked bank accounts. Even more frightening is the fact these applications can be found in the official Google Play Store.

With smartphones and apps playing a very important role in our everyday lives, they've become indispensable. Android users simply need to launch the Google Play Store, type a few keywords, and click "Install". The relevant app will then be installed. However, millions of users who are rather lax in security measures have fallen to the scourge of banking trojans, which is one of the drawbacks of not knowing about Android scams.

Researchers discover 90 infected apps

Security researchers from Zscaler ThreatLabz have discovered over 90 applications in the Google Play Store in recent months that are security threats, having seen over 5.5 million installations to date. In other words, there are 5.5 million infected smartphones with the well-known banking trojan Anatsa (also known as Teabot) running. 

Google PlayStore screenshots of two apps identified to distribute the Anatsa banking spyware
Modern spyware are often disguised as general tools to trick users. / © Zscaler/ThreatLabz

Two apps identified to distribute Anatsa—already removed from the Play Store—were:

  • PDF Reader & File Manager
  • QR Reader & File Manager

The original installation package downloaded from the Play Store does not contain any malware. The researchers claim the trojan is subtly inserted via an update. This allows the malware to bypass Google's protective mechanisms to end up in the Play Store. The tool then searches for installed banking apps, and upon identifying them, it downloads a fake login page for that bank. The scammers hope this will deceive users to extract their personal banking information.

How do you recognize infected apps?

The first signs of malware can be detected in the Google Play Store. It is recommended to pay attention to both the number of downloads and ratings. Other users often warn that the app may not function properly, has unusually high data usage, or requests too many unexpected permissions. These are all telltale signs of infected applications.

Furthermore, security researchers caution that cybercriminals often disguise infected apps as flashlights, PDF readers, or QR code scanners. This requires extra attention when checking out these tools. If you suspect your smartphone is infected with a banking trojan, we highly recommend you delete the application immediately and change your electronic banking password.

However, the German Federal Office for Information Security emphasized that in select cases, Anatsa can only be eliminated by resetting the smartphone to its factory settings. If that doesn't work either, using Android's safe mode might help.

Have you performed a security risk assessment on your smartphone so far? What other steps have you taken to ensure your electronic banking experience is a safe one?

The best smartphones under $1,000 

  Editor's recommendation The best iPhone The best camera phone Value for money The best foldable The most affordable
Product
Price
  • $799
  • $799
  • $999
  • $599
  • $999
  • $499
Picture Samsung Galaxy S24 Product Image Apple iPhone 15 Product Image Google Pixel 8 Pro Product Image Nothing Phone (2) Product Image Samsung Galaxy Z Flip 5 Product Image Google Pixel 7a Product Image
Review
Review: Samsung Galaxy S24
Review: Apple iPhone 15
Review: Google Pixel 8 Pro
Review: Nothing Phone (2)
Review: Samsung Galaxy Z Flip 5
Review: Google Pixel 7a
Offer*
Go to comment (0)
Liked this article? Share now!
Recommended articles
Latest articles
Push notification Next article
No comments
Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing