Android users should be careful when installing apps from the Google Play Store because you never know if they contain malware.
One of the most notorious banking trojans to avoid is Anatsa, designed to steal money through the victim's phone.
This dangerous money-stealing malware should be removed ASAP, and you can get rid of it by uninstalling certain apps.
What's Anatsa Banking Trojan?
The Anatsa banking trojan is no longer new malware: it has been infecting devices for a few years. According to Fox News, it has hit several countries, including the US, the UK, Switzerland, Austria, and Germany.
At that time, it was recorded that more than 600 banking apps were infected by Anatsa. Some of the notable financial institutions on its radar are TD Bank, JP Morgan, and Capital One.
One of the most alarming aspects of the Anatsa trojan is its ability to bypass Google's security checks, making it challenging to detect and eliminate. Its crafty creators deploy a clever strategy by initially disguising the malware as seemingly harmless productivity apps, like PDF editors and office suites.
These apps appear clean during the submission process to Google, only to have the malware added later. This sneaky approach enables the trojan to pass through Google's security measures undetected.
How Anatsa Banking Trojan Steals Money From Android Owners
Once Anatsa successfully infiltrates a device, it initiates an array of malicious activities primarily aimed at gathering sensitive financial information. Through the use of overlays, Anatsa steals vital data such as bank account credentials, credit card details, and payment information. These overlays manifest as deceptive pop-ups when users access their targeted banking apps.
However, the trojan doesn't stop at theft; it proceeds to commit fraud right on the infected device by launching a banking app and initiating unauthorized transactions.
To cover their tracks, the perpetrators convert the stolen funds into cryptocurrencies, which are then funneled back into their own coffers through a network of unsuspecting intermediaries known as money mules.
Avoid These Apps With Anatsa Banking Trojan
Vigilance is crucial, particularly regarding malicious PDF and document apps on Android devices that are being exploited by Anatsa.
Security experts at ThreatFabric have identified several specific apps employed by cybercriminals to carry out their fraudulent activities. These include the following:
- All Document Reader & Editor - com.mikijaki.documents.pdfreader.xlsx.csv.ppt.docs
- All Document Reader and Viewer - com.muchlensoka.pdfcreator
- PDF Reader & Editor - com.proderstarler.pdfsignature
- PDF Reader - Edit & View PDF - lsstudio.pdfreader.powerfultool.allinonepdf.goodpdftools
- PDF Reader & Editor - moh.filemanagerrespdf
How to Get Rid of These Apps
To uninstall apps on an Android device, the exact steps may vary depending on the device manufacturer. However, generally, the process involves following these simple instructions:
- Open the Settings app on your Android device.
- Scroll down and locate the "Apps" or "Applications" option.
- Tap on the specific app you wish to remove from your device.
- Select the "Uninstall" option and confirm your choice by tapping "OK" or "Uninstall" once again.
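The app list and the uninstall steps above can also be checked from a computer. The script below is an added example, not code from ThreatFabric or the original article: it compares the packages installed on a connected phone against the five package IDs listed above. It assumes adb is installed and USB debugging is enabled; the function name and the --device / --uninstall options are hypothetical names chosen for this example.

```shell
#!/bin/sh
# Added example. Package IDs are copied from the list in this article.
ANATSA_PACKAGES="com.mikijaki.documents.pdfreader.xlsx.csv.ppt.docs
com.muchlensoka.pdfcreator
com.proderstarler.pdfsignature
lsstudio.pdfreader.powerfultool.allinonepdf.goodpdftools
moh.filemanagerrespdf"

# Reads `pm list packages` output on stdin (one "package:<id>" per line)
# and prints each listed ID that is installed. Matching is exact and
# literal (-F -x), so a longer ID that merely starts with a listed one
# is not reported.
find_anatsa_packages() {
    # Strip CRs that some adb versions emit, then the "package:" prefix.
    installed=$(tr -d '\r' | sed -n 's/^package://p')
    for pkg in $ANATSA_PACKAGES; do
        if printf '%s\n' "$installed" | grep -Fxq -- "$pkg"; then
            printf '%s\n' "$pkg"
        fi
    done
}

# Device mode: run as `sh check_anatsa.sh --device [--uninstall]`
# (script name and options are hypothetical).
if [ "${1:-}" = "--device" ]; then
    found=$(adb shell pm list packages | find_anatsa_packages)
    if [ -z "$found" ]; then
        echo "None of the listed packages are installed."
    else
        echo "Listed packages found on the device:"
        echo "$found"
        if [ "${2:-}" = "--uninstall" ]; then
            for pkg in $found; do
                adb uninstall "$pkg"
            done
        fi
    fi
fi
```

Because the comparison uses package IDs rather than display names, it still works when several apps share a title such as "PDF Reader & Editor".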