Technical Analysis of Anatsa Campaigns: An Android Banking Malware Active in the Google Play Store
released on 2024-05-28 @ 11:07:54 AM
Threat actors are distributing the Anatsa Android banking malware through the Google Play store by disguising it as legitimate applications like PDF readers and QR code scanners. Once installed, Anatsa downloads its payload and steals sensitive banking credentials through the use of overlays. Anatsa has targeted banking apps in Europe and expanded to the US, South Korea, and Singapore.