An Android Virus Infects Over 150,000 Users in Spain and Beyond

Contents show


An Android Virus Infects Over 150,000 Users in Spain and Beyond

Cybercriminals Target Google Play

In a recent cyber attack, cybercriminals have once again targeted Google Play, infecting users with a virus hidden in five popular applications. Among the affected countries is Spain.

The Threat: Anatsa Banking Trojan

This virus, known as Anatsa, is far from a minor threat. It operates as a banking Trojan, capable of stealing private data and compromising user accounts. The discovery of this malware has prompted security firm ThreatFabric to take action to eliminate the threat.

High Infection Rate

While the reported number of affected users stands at around 150,000, ThreatFabric believes the actual number could exceed 200,000. This discrepancy arises because figures are often adjusted to account for error margins and averages. However, in this case, the infection rate has been unusually high.

Anatsa malware infection process on Android

 

Precise Infection Strategy

Cybercriminals employed a precise infection strategy, concealing the malware within seemingly useful and high-quality applications. They also tailored their attacks regionally to infect a larger number of users.

Affected Countries

Although the percentage of victims in each country has not been disclosed, countries affected, in addition to Spain, include the United Kingdom, Slovenia, Germany, and the Czech Republic. The criminals developed applications designed to climb the ranks of the most downloaded new apps on Google Play, enhancing their infection capabilities.

Identified Infected Apps

Five infected apps have been identified: Phone Cleaner – File Explorer, PDF Viewer – File Explorer, PDF Reader – Viewer & Editor, PDF Reader: File Manager, and Phone Cleaner: File Explorer. While these apps appear to offer useful functions, they actually hide the virus.

Also Read  AI develops a life of its own and can no longer be re-educated

Android PDF Reader malware-infected app

Warning of New Infections

ThreatFabric warns that new infected applications may appear on Google Play, posing as legitimate services. Users are advised to exercise caution and research unfamiliar app developers. It is also recommended to review recently installed apps to ensure none of the listed infected apps are present.

Infected Android application known as Phone Cleaner

Google’s Response

Google has responded to the malware expansion by removing all reported applications from Google Play. They have also assured users that the Google Play Protect system protects all Android users from such threats. Despite these assurances, users may still be concerned about potential risks after installing these apps.

Leave a Reply

Your email address will not be published. Required fields are marked *