ThreatFactor: 12 apps for scanning QR codes steal data from Russians which steal banking data from infected devices. ThreatFactor analysts warned Russians and residents of a number of other countries about this. They note that the infected applications are mimicking document and QR code scanners.
ThreatFactor analysts add that all malicious applications, depending on the technological features of the downloaded code, can be roughly divided into three groups. The Anatsa group is targeting Russia, as well as the USA, Great Britain, Austria and other countries. The applications included in it have been installed 200 thousand times.
Experts note that after installing the application on the user's device, the program itself decides whether to download the virus to the phone. If the decision is positive, then the malicious code gets to the victim through a fake request to update the program. Such a scheme with a separate download of the virus allows its creators to pass all the necessary checks in the Google Play app store.
Earlier in Sberbank, Russians were warned against cyber threats of the future. Stanislav Kuznetsov, Deputy Chairman of the Board of the Bank, in an interview with Lenta.ru, noted that cyberattacks are becoming more diverse and are increasingly directed at new technologies.