Tech Desk 
May 21, 2025
In an unfortunate development, the National Telecommunication and Information Security Board (NTISB) has issued a critical cybersecurity advisory, alerting federal ministries and the public about harmful mobile applications on the Google Play Store.
The concerned malicious apps, said to be identified and removed by Google, pose serious risks to users' privacy, device security, and personal data.
Notable among the threats in the advisory are applications linked to the KoSpy spyware and the Anatsa (TeaBot) banking trojan, as reported by ProPakistani.
The abovementioned malware, disguised as legitimate tools like Phone Manager, File Manager, and Software Update Utility, were developed to collect sensitive information from users.
KoSpy spyware is reportedly associated with APT-37 and APT-43, the infamous North Korean hacking groups that can steal SMS messages, call logs, audio recordings, screenshots, and location data.
The other spyware, the Anatsa banking trojan, targets users of banking applications, attempting to steal login credentials and financial information.
Before it was removed from Google Play Store, Anatsa was downloaded over 220,000 times, meaning it spreaded widely and might have caused a turmoil.
Users are also advised to delete any identified malicious apps immediately and to only download applications from reliable sources.
The advisory also asks users to verify app's legitimacy and avoid the ones requesting excessive permissions. Enabling Google Play Protect is recommended for added security against harmful software.
