What is the issue - A security researcher named Lukas Stefanko spotted Anubis Android trojan that steals PayPal credentials.
Why it matters - The trojan encrypts all the files on an external medium and locks the infected device with a black screen.
More details on the trojan
Lukas Stefanko spotted the Anubis trojan disguised as an Android application that is available for download in Google Play Store.
“Crypto-Banking Ransomware found on Google Play. Once it lured my PayPal credentials it encrypted my files on external medium and locked my device with black screen. #Anubis,” Stefanko tweeted.
Anubis trojan comes with a device lock feature which attempts to lock the compromised devices. However, Stefanko was able to circumvent it.
“I could bypass it, and it doesn't request ransom - maybe a bad implementation,” Stefanko told BleepingComputer.
Worth noting - Even though the Anubis infected app that is available in the Google Play Store does not have many installs, the app comes with 4 stars and 90 ratings.
These positive ratings could allow the app to gain popularity over a period of time. However, a Google spokesperson confirmed that the app is no longer available in the Google Play Store.