According to experts from the cybersecurity company ThreatFabric, the dangerous Free QR Code Scanner application from the publisher QrBarBode LDC was distributed through the Google Play app store in Russia - the Anatsa banking Trojan was found in it.
The researchers emphasized that among the Russian banks, whose data could have been stolen by Anatsa, there are Sberbank, Tinkoff, Uralsib, Pochta-Bank, VTB, and Raiffeisen. At the time of this writing, the app and publisher page on Google Play are not available:
Free QR Code Scanner had a high rating and many positive reviews on Google Play, with more than 50,000 downloads. The peculiarity of the program is that after installation, the user is offered to download the update.
Together with it, the program evaluates the device by identifier, model, region, country and Android version, determining whether it is worth downloading the virus to the phone. After downloading the banking Trojan Anatsa through this application, it works fine, so the owner of the infected smartphone is not even aware of the danger.
It would seem that Google Play could be blamed for the availability of Free QR Code Scanner, but the application passes security checks due to the fact that the dangerous Trojan is downloaded separately from the program.
The researchers emphasized that among the Russian banks, whose data could have been stolen by Anatsa, there are Sberbank, Tinkoff, Uralsib, Pochta-Bank, VTB, and Raiffeisen. At the time of this writing, the app and publisher page on Google Play are not available:
Free QR Code Scanner had a high rating and many positive reviews on Google Play, with more than 50,000 downloads. The peculiarity of the program is that after installation, the user is offered to download the update.
Together with it, the program evaluates the device by identifier, model, region, country and Android version, determining whether it is worth downloading the virus to the phone. After downloading the banking Trojan Anatsa through this application, it works fine, so the owner of the infected smartphone is not even aware of the danger.
It would seem that Google Play could be blamed for the availability of Free QR Code Scanner, but the application passes security checks due to the fact that the dangerous Trojan is downloaded separately from the program.
