"Over 300,000 Android Users Have Downloaded These Banking Trojan Malware Apps"

More than 300,000 Android smartphone users have downloaded banking Trojans via malicious apps that bypassed detection by the Google Play app store. According to cybersecurity researchers at ThreatFabric, four different forms of malware were distributed to victims through malicious versions of document scanners, QR code readers, cryptocurrency apps, and other commonly downloaded apps. The malicious apps often provided the same functions as legitimate apps to avoid raising users' suspicion. They were able to evade Google Play detections as the process of malware delivery only began when the app had been installed. Anatsa was found to be the most prolific of the four malware families as over 200,000 users have installed it. The researchers describe Anatsa as an advanced banking Trojan that can steal usernames and passwords, and use accessibility logging to capture everything displayed on the user's screen. The QR code scanner, one of the malicious apps designed to deliver the Anatsa malware, has been installed by 50,000 users alone. This app's download page shows a significant number of positive reviews, which encourage people to download it. Alien is the second most prolific of the malware families, with nearly 95,000 installations through malicious apps, including a gym and fitness app. Hydra and Ermac are the other two forms of malware, which have a combined total of 15,000 downloads and have been linked to Brunhilda, a cybercriminal group known to target Android devices with banking malware. This article continues to discuss findings surrounding password-stealing Android banking Trojans disguised as legitimate apps and the continued evolution of the Android banking malware echo-system. 

ZDNet reports "Over 300,000 Android Users Have Downloaded These Banking Trojan Malware Apps"