Description
Threat actors are distributing the Anatsa Android banking malware through the Google Play store by disguising it as legitimate applications like PDF readers and QR code scanners. Once installed, Anatsa downloads its payload and steals sensitive banking credentials through the use of overlays. Anatsa has targeted banking apps in Europe and expanded to the US, South Korea, and Singapore.
Date
| Published | Created | Modified |
|---|---|---|
| May 28, 2024, 11:07 a.m. | May 28, 2024, 11:07 a.m. | May 28, 2024, 11:28 a.m. |
Attack Patterns
Anatsa
Anatsa
T1432
T1516
T1412
T1430
T1407
T1548
T1444
T1546
T1005
T1406
Additional Informations
Banking
Finland
Singapore
Spain
Germany
United Kingdom of Great Britain and Northern Ireland
United States of America