Security News > 2024 > May > Over 90 malicious Android apps with 5.5M installs found on Google Play
Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity.
In February 2024, Threat Fabric reported that since late last year, Anatsa had achieved at least 150,000 infections via Google Play using various decoy apps in the productivity software category.
At the time of Zscaler's analysis, the two apps had already amassed 70,000 installations, demonstrating the high risk of malicious dropper apps slipping through the cracks in Google's review process.
Most of the malicious apps impersonated tools, personalization apps, photography utilities, productivity, and health & fitness apps.
The researchers did not disclose the names of the 90+ apps and whether they had been reported to Google for takedown.
At the time of writing this, the two Anatsa dropper apps discovered by Zscaler have been removed from Google Play.
News URL
Related news
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System (source)
- Google patches actively exploited Android vulnerability (CVE-2024-43093) (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Google's mysterious 'search.app' links leave Android users concerned (source)
- Week in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability (source)
- Google launches on-device AI to alert Android users of scam calls in real-time (source)
- Google's New Restore Credentials Tool Simplifies App Login After Android Migration (source)