Technical Analysis of Anatsa Campaigns: An Android Banking Malware Active in the Google Play Store
IntroductionAt Zscaler ThreatLabz, we regularly monitor the Google Play store for malicious applications. Over the past few months, we identified and analyzed more than 90 malicious applications uploaded to the Google Play store. These malware-infected applications have collectively garnered over 5.5 million installs. Recently, we noticed an increase in instances ... Read More
Android and Windows RATs Distributed Via Online Meeting Lures
IntroductionBeginning in December 2023, Zscaler’s ThreatLabz discovered a threat actor creating fraudulent Skype, Google Meet, and Zoom websites to spread malware. The threat actor spreads SpyNote RAT to Android users and NjRAT and DCRat to Windows users. This article describes and shows how the threat actor’s malicious URLs and files ... Read More
SMS scams trick Indian banking customers into installing malicious apps
Zscaler’s ThreatLabz researchers recently observed the rise of a sophisticated phishing campaign spreading via fake banking sites targeting big indian banks like HDFC, AXIS and SBI. The team will continue monitoring the emerging situation and will provide an update on any significant new developments. Previously, ThreatLabz researchers observed Indian banking ... Read More
Rise of Banking Trojan Dropper in Google Play
The Zscaler ThreatLabz team has recently discovered the Xenomorph banking trojan embedded in a Lifestyle app in the Google Play store. The app is “Todo: Day manager,” and has over 1,000 downloads. This is the latest in a disturbing string of hidden malware in the Google Play store: in the ... Read More
Rise of Banking Trojan Dropper in Google Play
The Zscaler ThreatLabz team has recently discovered the Xenomorph banking trojan embedded in a Lifestyle app in the Google Play store. The app is “Todo: Day manager,” and has over 1,000 downloads. This is the latest in a disturbing string of hidden malware in the Google Play store: in the ... Read More
