Security experts have issued a warning to Android users following the discovery of more than 90 malicious applications in the Google Play store. These apps, which were downloaded more than 5.5 million times, were primarily designed to steal banking data. Although Google has removed these apps from its Play Store, users who might have downloaded them are urged to remove them manually.
The malicious apps were mostly disguised as utility or entertainment apps, making them hard to detect. They contain aggressive malware that targets and steals confidential financial information. Users are advised to implement recommended security measures such as regular system updates, avoiding third-party app stores, and only downloading verified apps with high ratings.
Anti-malware software can also provide additional security. Users should regularly check their devices for any suspicious activity and report it promptly to protect their personal cyber security.
A recent threat identified is the Anatsa malware, also known as TeaBot. Anatsa is designed to steal financial data from a wide range of apps. Once installed, the malware monitors device usage and records screen touches, often without the user’s knowledge. It targets bank applications in particular, stealing passwords and credit card details.
One of the ways Anatsa steals information is by mimicking legitimate banking app interfaces with fake ones.
Protecting Android users from malicious apps
Unsuspecting users unknowingly provide their information to the malware, believing they are interacting with secure systems.
To protect themselves from Anatsa, users are advised to update all applications and operating systems regularly, only download apps from trusted sources, and regularly check their devices for unusual behavior.
Compromised apps extract personal banking information quietly through masked updates, often camouflaged as routine enhancements and security updates. Information captured unknowingly by users is used to carry out fraudulent transactions or sold on the dark web.
Zscaler’s cybersecurity team highlighted ‘PDF Reader & File Manager’ and ‘QR Reader & File Manager’ as particularly malicious apps. Downloaded more than 70,000 times, these apps managed to appear legitimate thanks to their high download rates. Following their installation, these apps deliver large quantities of disruptive ads, compromising privacy and device security significantly.
Malware-laden apps most commonly target tools, personalization, photography, productivity, and health & fitness categories. These categories often have a large number of daily active users, making them prime targets for hackers. Users are advised to regularly update their systems, review app permissions, and limit unnecessary data access to protect against malware.
Security experts recommend using services that autonomously deactivate malware-infected apps and to download apps strictly from trusted sources such as the Google Play Store. Installing a reliable mobile antivirus and backing up important data regularly can also help safeguard personal information.
