TeaBot, a highly sophisticated type of malware, is increasingly infecting Android smartphones. Cybersecurity firm Zscaler’s ThreatLabz reported a sharp rise in malicious activity leveraging TeaBot this week.

TeaBot, also known as “Anatsa,” is designed to impersonate seemingly harmless applications such as PDF and WR code readers. Once installed on an Android smartphone, it acts as a Trojan horse containing numerous financial scams.

“[TeaBot] is a known Android banking malware that targets applications from over 650 financial institutions, primarily in Europe. We observed Anatsa actively targeting banking applications in the US and UK. However, recent observations indicate that threat actors have expanded their targets to include banking applications in Germany, Spain, Finland, South Korea, and Singapore,” explains Zscaler ThreatLabz.