Experts at cybersecurity company ThreatFabric have discovered an app in the Google Play store that masquerades as a QR code scanner. It has a built-in virus that is capable of stealing data from banking applications.
From the report of the researchers it became known that the banking Trojan Anatsa is being distributed in Russia through the Free QR Code Scanner application from the publisher QrBarBode LDC. If you have this on your phone, delete it. Interestingly, the app had a fairly high rating on Google Play and had a lot of downloads. It masqueraded as other similar programs.
The scheme worked like this: after installation, the application offered to download an update, so a virus got onto the phone. After that, the application works fine, so you don’t have to suspect anything.
It is reported that the program could steal data from banks “Sberbank”, “Tinkoff”, “Uralsib”, “Pochta-Bank”, VTB, “Raiffeisen” and “OTP-Bank”.