Anubis malware returns to Android and attacks bank accounts
The Anubis malware is rampant again on the Play Store. Hidden in harmless Android apps in appearance, he tries to empty the bank accounts and Paypal of his victims.

Once installed on an Android smartphone or tablet, Anubis triggers when launching an electronic wallet application like Paypal or the application of a bank. The malware thus retrieves the access codes, which hackers can easily exploit to empty a bank account.

To spread in the Android environment, Anubis hides itself in apparently legitimate applications, in which Google's protection systems do not detect any malicious code. The cybersecurity company Sophos Labs explains that hackers multiply the types of media to spread this malware: games, productivity applications, credit simulators, currency converters ...

In fact, these Android apps are mainly used to get the owner of the smartphone rights to download software, an authorization that is given easily when installing an app. Once infected, the smartphone only has to connect to a remote server to download the malware. According to Sophos Labs, Anubis is mostly used by hackers to suck up credentials and access codes from customers of banks around the world. It also attacks Paypal, ebay or Amazon accounts.

At this point, to guard against Anubis, Sophos Labs has not identified a real solution and advises the utmost caution on the Android Play Store, only downloading applications developed by recognized publishers, and paying attention to permissions requested when installing these apps.

Younes Derfoufi 

Leave a Reply