Over 300,000 Android users have downloaded these banking trojan malware apps, say security researchers

Over 300,000 Android smartphone users have downloaded what have turned out to be banking trojans after falling victim to malware which has bypassed detection by the Google Play app store. 

Detailed by cybersecurity researchers at ThreatFabric, the four different forms of malware are delivered to victims via malicious versions of commonly downloaded applications, including document scanners, QR code readers, fitness monitors and cryptocurrency apps. The apps often come with the functions which are advertised in order to avoid users getting suspicious. 

In each case, the malicious intent of the app is hidden and the process of delivering the malware only begins once the app has been installed, enabling them to bypass Play Store detections. 

The most prolific of the four malware families is Anatsa, which has been installed by over 200,000 Android users – researchers describe it as an “advanced” banking trojan which can steal usernames and passwords, and uses accessibility logging to capture everything shown on the user’s screen, while a keylogger allows attackers to record all information entered into the phone. 

Anasta malware has been active since January, but appears to have received a substantial push since June – researchers were able to identify six different malicious applications designed to deliver the malware. These include apps

Read More: https://www.zdnet.com/article/over-300000-android-users-have-downloaded-these-banking-trojan-malware-apps-say-security-researchers/#ftag=RSSbaffb68