As reported by computer security experts, a worrying hacker attack is still ongoing in Europe, which is targeted in particular the devices equipped with Android: The danger comes from apparently completely harmless applications, through which the cybercriminals are part of entering the victim’s current account on duty.
The fulcrum of the problem is the viruses Crocodilus And Anataalso found within apparently safe apps available to everyone on the Google Play Store, that is, the platform of greater distribution of products for Android: obviously this has allowed hackers to have an extremely effective diffusion channel, given the millions of daily downloads on the portal. Therefore, there are many users who have potentially downloaded the infected files that could put sensitive data and current accounts at risk.
The pitfall is double, given that, as explained by the Threatfabric experts, the malware implanted in the apps come into operation only after theinstallation on the device, thus climbing over the initial protections of Android systems. The best advice is to eliminate these applications, so as to avoid unnecessary risks: Google has already entered into action, eliminating them from the store, but someone may have already downloaded them. Not only that, given that some users have reported the presence of the same programs on other unofficial portals.
The two insidious viruses find themselves in common use apps such as programs to open the pdf or “cleaners” to clean the memory of the device. As mentioned, the go -ahead for the malware comes after the installation: the “breach” that opens on the operating system allows the cybercriminals to act freely. Crocodilus is a typical banking trojan through which it is possible to check the data entered on the screen by the user, read messages and e-mails and carry out banking operations on behalf of the victim. Anatsa, more advanced program, allows the hackers to perform transactions directly without the goal on duty not even realize.
Is there a way to understand if our smartphone has been infected with the insidious Crocodilus and Anatsa? Among the signs Revolors can be counted the sudden slowdowns of the smartphone, the unmotivated dirt surge in data trafficking even without open apps, the appearance of strange notifications that generally disappear from the screen quickly, the request for access to the microphone or camera and finally the oddities detectable precisely in the banking apps. If one or more of these anomalies occur, the advice is to launch the scan of the system with an updated antivirus and, for greater safety, immediately change all the access credentials starting from those relating to the bank account.
What app is it better to eleminise and never download to our devices to avoid unnecessary risks? As mentioned, the greatest pitfall is given by the fact that both Crocodilus and Anatsa are hidden in common use apps and that both do not enter into action before installation on the system for which they are almost impossible to detect at the time of the download. Threatfabric’s cybersiculia experts shared a list of potentially infected apps, which would be good to uninstall from the smartphone as soon as possible, then changing all the access credentials. It is specifically:
- Telephone cleaning – File explorer (Com.Volabs.Androidcleaner)
- PDF Viewer – File explorer (Com.Xolab.fileExplorer)
- PDF reader: Viewer and editor (Com.jumbodub.fileexplorerpdfViewer)
- Telephone cleaning: File explorer (Com.Appiclouds.Phoneaner)
- PDF player: file manager (com.tragisap.fileandpdfmanager).
Therefore, therefore, the apps that are on the Google Paly Store are not safe: the best advice is to carry out preventive checkscarefully examining the download number and
User reviews, especially negative ones, and the authorizations necessary to make the program work: eye to all those who require access to the microphone and camera, often this is a danger signal.