According to research by ThreatFabric, which specializes in cyberscams, unveiled this Monday, June 26, 2023, fraudulent Play Sorte applications have been emptying their users’ bank accounts for several months now. As early as March 2023, ThreatFabric discovered malware in the code of several Android apps. This malware is called Anatsa.
Anatsa steals data and bank codes as soon as it is installed on the smartphone of its targets. For this, the software uses the technique of overlay and that of recording keystrokes. In other words, the malware displays a page above that of an official application opened by the user by resuming its interface. The user then enters his identifiers and passwords, immediately recorded by the hackers.
The hackers then carry out banking operations without the knowledge of their victims without being worried by the security systems of the banks. Indeed, according to ThreatFabric, “Since the transactions are initiated from the same device used regularly by the customers of the targeted banks, it has been reported that the banks’ anti-fraud systems have a very difficult time detecting them.”
Anatsa was reportedly detected in five Android apps from the Play Store. Once reported, Google automatically removed the fraudulent apps from the Play Store as well as users’ phones. However, if you have one of the apps below installed, monitor all transactions in your bank account and change your passwords.