Samsung Galaxy owners issued warning to delete apps that can take control of devices and raid mobile banking
You definitely don't want to fall foul of these nasty apps.
Experts have warned that anyone with a selection of suspect apps on their Samsung Galaxy devices should delete them immediately.
The apps are all said to leverage an established trojan malware called Anatsa, meaning they're masquerading as useful for you - but are in fact designed to invade your phone and steal data and personal details. In fact, they even have the power to make banking transactions without you knowing - potentially taking money out of your account.
Cybersecurity firm ThreatFabric has identified five apps as being riddled with malware, and says the software is specifically targeted at Samsung Galaxy devices.
Advert
This means that, while all five apps should be deleted by anyone on an Android device, if you have a Galaxy phone then things are particularly urgent.
The five apps in question are:
- Phone Cleaner - File Explorer
- PDF Viewer - File Explorer
- PDF Reader - Viewer & Editor
- Phone Cleaner: File Explorer
- PDF Reader: File Manager
Luckily, Google acted quickly and took them down from the Google Play Store - meaning you can't download any of them now.
However, the apps were reportedly collectively downloaded at least 150,000 times, meaning there could be loads of copies still on people's phones.
Google issued a statement on the apps to tech site Bleeping Computer: "All of the apps identified in the report have been removed from Google Play. Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services.
"Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play."
ThreatFabric published a report on the malware in question, finding that the apps effectively masked their bad intentions by first getting permissions from users to access files and systems (since they were in theory to help explore files and clean them out of your phone).
The apps could then access a remote server and slowly but surely download malicious parts that weren't present in their base version, which also probably helped them evade detection by Google before reaching the Play Store.
If any of those app names are remotely familiar to you, it might be time to go onto your phone and search for them, because you don't want to go anywhere near them if you can avoid it.