Google has policies and screenings that prevent most malicious apps from making it onto the Play Store. However, some apps slip under the radar, and have real consequences for Android users.
According to cybersecurity researcher at ThreatFabric, over 300,000 Android users downloaded four different types of malware from “banking trojans.” These different malware types are found in apps that pose as otherwise innocuous programs. However, when the user downloads the app, the malware infects their phones, and steals valuable information.
The worst of this bunch is known as Anatsa malware, which ThreatFabric claims has affected over 200,000 Android users. This “advanced” malware scrapes phones for usernames and passwords, and watches everything you type and do on your device. Anatsa has been found in six apps on the Play Store since January, including a QR scanner installed over 50,000 times.
The malware isn’t installed the second the app is; instead, users are prompted to “update” the app as soon as they download it. That update really downloads the Anatsa malware onto the device. Other malware types behave similarly.
It can be difficult to know how to protect yourself from malicious apps when Google has approved them for use on the Play Store. Take note of everything on an app’s page before downloading it; does the description make sense? Is this an app that looks like it has a solid purpose? Are the screenshots legitimate or do they look off?
If an app prompts you to update outside the Play Store, don’t; official updates come through the Play Store only.
