More than 300,000 Android Users Downloaded Banking Trojans

According to ThreatFabirc researchers, over 300,000 Android users have downloaded multiple banking Trojans.

These banking Trojans, fitness monitors and cryptocurrency apps disguised as QR code readers steal users “passwords. These Trojans include Anatsa, which was installed by over 200,000 Android users, Alien, which was installed by 95,000 Android users, Hydra and Ermac, which together had more than 15,000 downloads. It is important to note that these malware families are hidden and only take effect once an app is installed, which allows them to bypass Play Store detection.

In the study of the four malware families, Anatsa is considered the most productive and described as an “advanced” banking trojan.

Anatsa is able to steal usernames and passwords, use access logs to capture everything that appears on a user’s screen, and record all the information that is entered on the phone. Applications that embed the malware include QR code scanners, PDF scanners, and cryptocurrency apps.

Alien malware, another banking trojan, can steal two-factor authentication. Apps that embed this malware include a gym app. Hydra and Ermac have both been linked to Brunhilda, a cybercriminal group that specializes in infecting Android devices with banking malware.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web