Anatsa malware targets users in North America by posing as a benign app called "PDF Update." It uses deceptive overlays to mislead users when accessing banking applications, claiming maintenance periods. This marks an ongoing issue with Anatsa, which has been active since 2020, striving to compromise mobile banking users in both the United States and Canada. The malware operates by exploiting developer profiles on app stores to publish legitimate apps, gaining a user base before embedding malicious code to conduct fraudulent activities.
"This marks at least the third instance of Anatsa focusing its operations on mobile banking customers in the United States and Canada," Dutch mobile security company ThreatFabric said in a report shared with The Hacker News.
"Once the application gains a substantial user base - often in the thousands or tens of thousands of downloads - an update is deployed, embedding malicious code into the app," the company said.
Collection
[
|
...
]