Slovenia is among the targets of the Anatsa trojan horse, according to researchers of a malware detection company ThreatFabric. Users download the malware app on their phones, from where it can be used to break into other phone apps, most commonly banking apps.

ThreatFabric first detected the Anatsa malware in the first half of 2023 when it was targeting users in the UK, Germany and Spain. Now it is focusing on Slovenia, Slovakia and the Czech Republic, ThreatFabric said.

In this second phase alone the company found five malware apps that were downloaded more than 100,000 times. According to the portal Notebookcheck, the apps are no longer available in the Google Play store.

The national cybersecurity centre SI-CERT and the police are investigating two apps, which appeared on the app store under the names Phone Cleaner - File Explorer and PDF Reader: File Manager, that were used to financially harm several victims.

Users that have downloaded the apps should restart their phone in safe mode and delete the apps, SI-CERT said.