- Anatsa malware first emerged in 2020 as an Android banking trojan capable of credential theft, keylogging, and enabling fraudulent transactions.
- The latest variant of Anatsa targets over 831 financial institutions worldwide, adding new countries like Germany and South Korea, as well as cryptocurrency platforms.
- Anatsa streamlined payload delivery by replacing dynamic code loading of remote Dalvik Executable (DEX) payloads with direct installation of the Anatsa payload.
- Anatsa implemented Data Encryption Standard (DES) runtime decryption and device-specific payload restrictions.
- Many of the decoy Antasta applications have individually exceeded 50,000 downloads.
- Alongside Anatsa, ThreatLabz identified and reported 77 malicious apps from various malware families to Google, collectively accounting for over 19 million installs.
You must log in or # to comment.
I’m sure disallowing side loading will fix that… Oh wait
goog should divest from android as completely as they are supposed to separate out chrome from their offerings.
If you want to be the sole arbiter of what I can install on my phone, I need to trust YOU 100%, chuckles “I’m in danger”, that you are ACTUALLY protecting me from bad verified apps on your store. If you want to control it all, then do so by testing each and every app for any signs of malware/virus/trojan/etc. If you (app store) verify an app, then you need to be responsible for any fall out on your captured users. My phone only has like 10 apps installed, this doesn’t really affect me, but it does affect millions of others
