Another example of apps that bypass Google’s threat detection filters and enter the Play Store and secretly install malware-laden apps on phones. . . Cybersecurity researchers have revealed that more than 300,000 users have downloaded malicious Android apps containing banking trojans directly from the Google Play Store.
Researchers at ThreatFabric identified four families of banking trojans recently distributed via Google Play. They point out that these software collectively incur “significant” financial losses for targeted banks.
These four trojans hide inside all kinds of applications. The most popular of these is Anatsa, which has been downloaded by over 200,000 users alone. This malware has been found to be hiding inside apps that appear to be QR code scanners, document scanners, and cryptocurrency apps.
Programmers are finding new techniques every day to bypass Google’s filters and they manage to hide their applications better. They try to shorten their code as much as possible so they manage to circumvent Google’s artificial intelligence. Moreover, according to the analysis, these software do not automatically become active in order to reach more people, it waits for a good infection and dispersal, and then does what it will do. This allows them to bypass automatic detection mechanisms.