Anubis Android trojan spotted stealing PayPal credentials and locking devices
An Android trojan named Anubis that steals PayPal credentials was brought to light by security researcher Lukas Stefanko.
The Anubis Android trojan encrypts all the files on an external medium and locks the infected device with a black screen.
According to Stefanko, it is often disguised as an Android application available for download in the Google Play Store.
“Crypto-Banking Ransomware found on Google Play. Once it lured my PayPal credentials it encrypted my files on an external medium and locked my device with a black screen. #Anubis,” Stefanko tweeted.
Once the trojan compromises a device, it starts collecting the affected user's banking credentials by taking screenshots when the user enters their credentials into apps, after which it encrypts all the files and appends. Finally, it locks the device with a black screen.
The Anubis trojan includes a device lock feature that attempts to lock compromised devices. However, Stefanko was able to circumvent it.
“I could bypass it, and it doesn't request ransom - maybe a bad implementation,” Stefanko stated.
According to a Google spokesperson, the tainted app is no longer available in the Google Play Store.