Malware-ridden apps made it into Google's Play Store, scored 19 million downloads

Cloud security vendor Zscaler says customers of Google’s Play Store have downloaded more than 19 million instances of malware-laden apps that evaded the web giant’s security scans.

Zscaler’s ThreatLabz spotted and reported 77 apps containing malware, many of them purporting to be utilities or personalization tools.

Many contained an updated version of the Anatsa banking trojan, malware that first appeared in 2020. The latest build includes a keylogger for password collection, SMS interception capabilities, and anti-detection tools. Zscaler thinks it’s being used to target 831 financial institutions globally, including both crypto exchanges and regular banks.

What makes the new strain particularly worrisome is its ability to hide in plain sight, as demonstrated by the failure of Google's malware detection systems. The latest build of Anatsa downloads each new chunk of code with a separate DES key to make detection harder, and alters its name to ...