Per Thread Fabric, there are five Android apps that you need to delete immediately if you have installed them on your Android phone. The apps have already been removed from the Google Play Store but will remain on your Android phone if you downloaded them and never uninstalled the apps. These five apps contain a banking trojan called Anatsa which has been seen in various countries including the U.S. last summer.
The problem with these apps is that once they are on your phone, an attacker can take control of your handset without you knowing. Not only can the attacker access your personal data, they can also make payments from your banking apps. In other words, these apps, loaded with the Anatsa trojan, can drain your bank account. The apps involved were downloaded between 150,000 and 200,000 times since November before getting kicked out of the Play Store by Google.
These apps, called dropper apps, are originally listed in the Play Store and carry additional malicious apps in their payloads. The dropper loads these apps on an infected handset. A previous campaign last year resulted in the use of the Anatsa trojan in the U.S., U.K., Germany, Austria, and Switzerland. The new campaign, targeting the U.K., Germany, Spain, Slovakia, Slovenia, and the Czech Republic, uses dropper apps designed to show up under the “Top New Free” categories in the Google Play Store.
Example of one of the dropper apps used with the Anatsa banking trojan
Even scarier, since the last campaign, the dropper apps have evolved to help escape detection thanks to a “multi-stage infection process” that helps them bypass security measures found in versions of Android up to Android 13.
The five apps that you need to look for on your phone include:
- Phone Cleaner – File Explorer
- PDF Viewer – File Explorer
- PDF Reader – Viewer & Editor
- Phone Cleaner: File Explorer
- PDF Reader: File Manager
If you have any of these apps on your Android phone, it is imperative that you uninstall them immediately. Also, if any of these five show up on your Android phone, you might want to go over your banking account statements with a fine-tooth comb to look for any suspicious activity.
How can you avoid installing malicious apps? Always check the reviews in the Play Store for red flags. Complaints about the battery draining, the phone running slowly and getting hot to the touch are usually great warning signs. Also, you might see comments from those who installed the app and find that it doesn’t do the task that they installed it to perform.