Security News > 2024 > May > Over 90 malicious Android apps with 5.5M installs found on Google Play
Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity.
In February 2024, Threat Fabric reported that since late last year, Anatsa had achieved at least 150,000 infections via Google Play using various decoy apps in the productivity software category.
At the time of Zscaler's analysis, the two apps had already amassed 70,000 installations, demonstrating the high risk of malicious dropper apps slipping through the cracks in Google's review process.
Most of the malicious apps impersonated tools, personalization apps, photography utilities, productivity, and health & fitness apps.
The researchers did not disclose the names of the 90+ apps and whether they had been reported to Google for takedown.
At the time of writing this, the two Anatsa dropper apps discovered by Zscaler have been removed from Google Play.
News URL
Related news
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities (source)
- Google adds Android auto-reboot to block forensic data extractions (source)
- Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers (source)
- Google fixes actively exploited FreeType flaw on Android (source)
- Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android (source)
- Google’s Advanced Protection Now on Android (source)
- Google strengthens secure enterprise access from BYOD Android devices (source)