New Wave of Anatsa Mobile Malware Targeting Bank Customers

11.01.24

Threat Intelligence Alerts

Home News New Wave of Anatsa Mobile Malware Targeting Bank Customers

Further update on the Anatsa mobile malware threat reported on the 5th of December.

A new wave of the Anatsa mobile malware campaign has emerged over the recent holiday period, targeting bank customers in multiple countries. Over 30 new malware samples have been observed by threat intelligence teams, who have been working to protect customers.

This latest campaign uses streamlined overlay screens on victims’ phones, aimed solely at capturing mobile banking passcodes and credit card details. Earlier versions of Anatsa were more extensive in the data harvested, in an attempt to obtain as much sensitive customer information as possible. The simplified approach likely aims to avoid raising suspicions (see examples below):

Anasta Mobile Malware Screen Overlay Example — *Source: NatWest Group*

To protect yourself from mobile malware like Anatsa:

Only download apps from official app stores like Google Play and the App Store. Avoid sideloading apps from unknown sources.
Keep your phone and apps up-to-date with the latest security patches. Enable auto-update if available.
Use antivirus software on your mobile device for an extra layer of protection.
Be wary of suspicious links and attachments, especially in SMS/text messages, as they can install malware.
Consider using a credit card for online purchases instead of a debit card. Credit cards have stronger fraud protections.
Never share your mobile banking passcodes or PINs with anyone. Financial institutions will never ask for them.

Stay vigilant against mobile threats like Anatsa. Keep security software and mobile OS up-to-date and be careful when downloading apps or clicking links on your device. With proper precautions, you can avoid becoming a victim.

For further guidance on protecting yourself against mobile malware, view our ‘Mobile Malware’ guide.