Nefarious Anatsa Android Trojan caught stealing banking information and performing on-device fraud
July 17, 2026
  • Read Ecopy
  • Circulation
  • Advertise
  • Careers
  • About Us
  • Contact Us
Android AppiPhone AppArattai
Organiser
  • ‌
  • Bharat
    • Assam
    • Bihar
    • Chhattisgarh
    • Jharkhand
    • Maharashtra
    • View All States
  • World
    • Asia
    • Europe
    • North America
    • South America
    • Africa
    • Australia
  • Editorial
  • International
  • Opinion
  • RSS @ 100
  • More
    • Op Sindoor
    • Analysis
    • Sports
    • Defence
    • Politics
    • Business
    • Economy
    • Culture
    • Special Report
    • Sci & Tech
    • Entertainment
    • G20
    • Azadi Ka Amrit Mahotsav
    • Vocal4Local
    • Web Stories
    • Education
    • Employment
    • Books
    • Interviews
    • Travel
    • Law
    • Health
    • Obituary
  • Subscribe
    • Subscribe Print Edition
    • Subscribe Ecopy
    • Read Ecopy
  • ‌
  • Bharat
    • Assam
    • Bihar
    • Chhattisgarh
    • Jharkhand
    • Maharashtra
    • View All States
  • World
    • Asia
    • Europe
    • North America
    • South America
    • Africa
    • Australia
  • Editorial
  • International
  • Opinion
  • RSS @ 100
  • More
    • Op Sindoor
    • Analysis
    • Sports
    • Defence
    • Politics
    • Business
    • Economy
    • Culture
    • Special Report
    • Sci & Tech
    • Entertainment
    • G20
    • Azadi Ka Amrit Mahotsav
    • Vocal4Local
    • Web Stories
    • Education
    • Employment
    • Books
    • Interviews
    • Travel
    • Law
    • Health
    • Obituary
  • Subscribe
    • Subscribe Print Edition
    • Subscribe Ecopy
    • Read Ecopy
Organiser
  • Home
  • Bharat
  • World
  • Operation Sindoor
  • Editorial
  • Analysis
  • Opinion
  • Culture
  • Defence
  • International Edition
  • RSS @ 100
  • Magazine
  • Read Ecopy
Home World

Nefarious Anatsa Android Trojan caught stealing banking information and performing on-device fraud

As per the report, Anatsa Trojan is very dangerous because it can “bypass a wide array of existing fraud control mechanisms” as it has “very advanced Device-Takeover capabilities”.

WEBDESKWEBDESK
Jun 27, 2023, 10:00 pm IST
in World, Sci & Tech
Follow on Google News
FacebookTwitterWhatsAppTelegramEmail

Cyber fraud analysts at cyber security firm, ThreatFabric found an Android banking Trojan known as Anatsa on June 26. This malware steals the financial data of Android users when they download banking apps, which have over 30,000 downloads. This malware has affected several countries. ThreatFabric discovered the Anatsa Trojan two years ago, but it has emerged again lately.

Analysts discovered this android Trojan while monitoring multiple ongoing dropper campaigns happening at Google Play Store. As per Trend Micro, “Droppers are programs designed to extract other files from their own code. Typically, these programs extract several files into the computer to install a malicious program package”.

As per the report, Anatsa Trojan is very dangerous because it can “bypass a wide array of existing fraud control mechanisms” as it has “very advanced Device-Takeover capabilities”. This ongoing dropper campaign has affected around 600 banking applications in countries. The malware steals the information of the users of these inflected banking apps, such as credit card information, login credentials, PIN numbers etc. Then it initiates fraudulent transactions by performing Device-Takeover Fraud (DTO). The affected users are mainly from the UK, US, Germany, Austria, and Switzerland.

This Trojan is truly nefarious as it dupes users into downloading legitimate-looking banking apps. It also bypasses anti-fraud systems used by banks for the identification of automated, illegitimate transactions.

Cyber fraud analysts of ThreatFabric came to know about the emergence of Anatsa in March of this year. The analysts identified a dropper app on the Google Play Store, which was used to infect devices by pretending as a PDF reader application.

After installing such inflected apps, it would then “make a request to a page hosted on GitHub, where the dropper would get the URL to download the payload (also hosted on GitHub)”. These payloads disguise as an add-on to the original application.

When this app was reported, Google immediately pulled it down from the store, but after a month, it again got listed as a PDF viewer. The analysts discovered three more droppers in May and June.

As per the report by ThreatFabric, this latest Anatsa campaign reveals the threats faced by banks and financial institutions are evolving continuously. The only way to safeguard from this malware is to physically uninstall the app from the Android device.

Also Read: Beware! Delete these 101 applications to protect your Android phones from dangerous malware

It’s important to note that Android device has been facing continuous threats from cyber criminals through malware. Malware attacks planned by hackers are not new to the digital age, as we have witnessed them from time to time. Recently, a new Trojan malware called SpinOk was discovered, and reportedly it affected as many as 101 applications on Google Play Store.

Researchers have claimed that these malware attacks are in the form of advertisements and looks like a third-party attack. The motive of the hackers is to target the personal data of individuals. The malware or software module is equipped with spyware functionality. It can collect information on files stored on devices and is capable of transferring them to malicious actors. It can also substitute and upload clipboard contents to a remote server.

Also Read: Alert! ‘Daam’ virus infects Android phones, hacks into call records and change passwords: Govt

This month even Indian Computer Emergency Response Team or CERT-In released an advisory report stating that an Android malware named “Daam” infects mobile phones is spreading. This virus can access private information like call logs, contacts, history, and cameras. The advisory stated that the virus is capable of “bypassing anti-virus programs and deploying ransomware on the targeted devices”.

According to the CERT, the Android botnet is spread through third-party websites or apps downloaded from dubious or unknown sources. The advisory states, “Once it is placed in the device, the malware tries to bypass the security check of the device, and after a successful attempt, it attempts to steal sensitive data and permissions such as reading history and bookmarks, killing background processing, and reading call logs etc”.

Topics: AnatsaAnatsa Android Trojandropper campaignsDevice-Takeover FraudDTObanking appsGoogle Play StoremalwareThreatFabricAnatsa Trojan
ShareTweetSendShareSend
✮ Subscribe Organiser YouTube Channel. ✮
✮ Join Organiser's WhatsApp channel for Nationalist views beyond the news. ✮
Previous News

Anti-Sanatan people alleges President Droupadi Murmu kept away from idols in Jagannath temple, Delhi— Here’s the truth

Next News

Bamboo could be a future renewable energy source: Study

Related News

The accused, Labhshankar Maheshwari, had migrated from Pakistan and granted an Indian citizenship in 2005. (Photo: India.com)

Gujarat: Pakistani-origin man arrested for spying on Bharat after 17 years of having citizenship

Representative Image

Maya OS: Indian Defence Ministry to switch to indigenous operating system amid threats

Modi Government offers free tools to detect and remove malware, Read Details

(Photo Courtesy: The Economic Times)

MOVEit transfer tool leveraged by hackers to steal user data: US security researchers

A representation image, Source: Cyber Security News

Beware! Delete these 101 applications to protect your Android phones from dangerous malware

Alert! ‘Daam’ virus infects Android phones, hacks into call records and change passwords: Govt

Load More

Latest News

The Supreme Court has directed the Tamil Nadu government to consult the Union government on setting up Jawahar Navodaya Vidyalayas

Tamil Nadu: Supreme Court asks TVK government to consult Centre on Jawahar Navodaya Vidyalayas

Lakhs of devotees gathered in Puri for Rath Yatra

Rath Yatra 2026: Torrential rains fail to deter lakhs of devotees as Puri resonates with unwavering faith

Yogi Govt To Introduce 'My Health World' books In UP Schools (This image is generated by AI)

Uttar Pradesh: Yogi Govt to introduce ‘My Health World’ books in UP schools, focus on nutrition and reduce screen time

Vishva Hindu Parishad (VHP) Working President Alok Kumar

Hyderabad school row: VHP’s Alok Kumar seeks probe over Kalma homework; complaint filed, BJP blames Congress

NEET 2026 Re-Exam Result announced

Re NEET 2026 Result announced by NTA: 11.21 lakh candidates qualify; Download scorecard here & know the state toppers

Karnataka: Counterfeit Rs 500 note manufacturing unit busted in Beltangady; Ibrahim-led gang arrested

ED raids 16 locations in Tamil Nadu, two in Keralam and one in Srinagar in Roshan Fiaz crypto cyber fraud probe

Representative Image

Balochistan: Pakistani authorities cut food, medicine supply to the province along with erosion indigenous culture

Iran-themed event at Shantiniketan High School in Hyderabad.
Image courtesy: Tathvam-asi (@Tathvam_asi on X

LRPF moves NHRC over display of Iran flags, Ayatollah Ali Khamenei poster at Hyderabad’s Shantiniketan school assembly

Parakkal Mohammed (File Photo)

Keralam: Parakkal Mohammed, who defied opposition to join the RSS, dies after prolonged illness in Wayanad

Load More
  • Privacy
  • Terms
  • Cookie Policy
  • Refund and Cancellation
  • Delivery and Shipping

© Bharat Prakashan (Delhi) Limited.
Tech-enabled by Ananthapuri Technologies

  • Home
  • Search Organiser
  • Bharat
    • Assam
    • Bihar
    • Chhattisgarh
    • Jharkhand
    • Maharashtra
    • View All States
  • World
    • Asia
    • Africa
    • North America
    • South America
    • Europe
    • Australia
  • Editorial
  • Operation Sindoor
  • Opinion
  • Analysis
  • Defence
  • Culture
  • Sports
  • Business
  • RSS @ 100
  • Entertainment
  • More ..
    • Sci & Tech
    • Vocal4Local
    • Special Report
    • Education
    • Employment
    • Books
    • Interviews
    • Travel
    • Health
    • Politics
    • Law
    • Economy
    • Obituary
  • Subscribe Magazine
  • Read Ecopy
  • Advertise
  • Circulation
  • Careers
  • About Us
  • Contact Us
  • Policies & Terms
    • Privacy Policy
    • Cookie Policy
    • Refund and Cancellation
    • Terms of Use

© Bharat Prakashan (Delhi) Limited.
Tech-enabled by Ananthapuri Technologies