Android Document Readers and Deception: Tracking the Latest Updates to Anatsa
Zscaler, Thursday, August 21st, 2025
The Zscaler ThreatLabz team continually monitors and analyzes malicious applications distributed by threat actors via the Google Play Store. Last year, ThreatLabz reported on Anatsa malware (a.k.a. TeaBot) that attacks Android devices and targets financial applications.
Anatsa, first discovered in 2020, is capable of stealing credentials, monitoring keystrokes, and facilitating fraudulent transactions.
In this blog post, ThreatLabz dives into Anatsa's latest malware developments and provides insights into overall malware distribution trends in the Google Play Store.