Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

Empowering you to understand your world
black android smartphone. Android apps containing the Anatsa trojan are difficult to spot because they are disguised as unrelated apps that people commonly use.

Anatsa Trojan Drains Android Users’ Bank Accounts

The Anatsa trojan has been cleaning out the bank accounts of Android users by taking over mobile banking apps. The Anatsa trojan is a dangerous form of malware that hides itself in seemingly innocent apps such as PDF readers (this is called a trojan horse). Trojan horses are among the most pervasive forms of malware due to the fact that you can’t see them.

They cause millions of infections and robberies per year, and are frequently distributed via the official Google Play app store. During the Anatsa trojan’s last campaign, the malware was downloaded over 300,000 times. The Anatsa trojan has been updated and was been wreaking havoc since March 2023. Bank account users in the United States, United Kingdom, Germany, Austria, and Switzerland have been affected by the Anatsa malware.

Customers at big banks such as JP Morgan, Capital One, TD Bank, Schwab, Navy Federal Credit Union are vulnerable to this malware as well.

How To Protect Yourself From The Anatsa Trojan

To protect yourself from the Anatsa trojan:

Carefully verify that the apps you download from the app store are genuine. Google Play has a display name for each app which is shown out front (For example: ‘Brave Browser’) as well as an ID that starts with ‘com.’. For example: ‘com.brave.browser‘. This is an example of a legitimate Google Play Store ID. Hover over the ID to see if the company name and app name look suspicious, if they don’t match the original name, or if they contain other unrelated names.

Avoid the following suspect apps:

  • PDF Reader – Edit & View PDF -lsstudio.pdfreader.powerfultool.allinonepdf.goodpdftools
  • PDF Reader & Editor – com.proderstarler.pdfsignature
  • PDF Reader & Editor – moh.filemanagerrespdf
  • All Document Reader & Editor – com.mikijaki.documents.pdfreader.xlsx.csv.ppt.docs
  • All Document Reader and Viewer – com.muchlensoka.pdfcreator

I highlighted the IDs in red. You’ll see them when you hover over their app store listings.

Related Articles

Play Store Trojans Steal Facebook Passwords

Several Popular Apps Are Draining Android Users’ Wallets

Share this article
Shareable URL
Prev Post

Mercedes Launches ChatGPT Integration For Its Cars

Next Post

Cracking the Code: Expert Tips for Managing and Safeguarding Passwords

Leave a Reply

Read next
Subscribe to our newsletter
Get notified when new content is published