Antidot

The malware displays fake Google Play update pages in multiple languages, including German, French, Spanish, Russian, Portuguese, Romanian, and English, indicating potential targets in these regions.

Antidot uses overlay attacks and keylogging techniques to efficiently collect sensitive information such as login credentials.