Xenomorph: What to know about this Android banking trojan

Cyber Security

Xenomorph pilfers victims’ login credentials for banking, payment, social media, cryptocurrency and other apps with valuable data

More than 50,000 Android devices were compromised with an Android banking trojan called Xenomorph earlier this year. First reported by ThreatFabric, Xenomorph posed as a system-optimizing app called “Fast Cleaner”. Disguising malicious software as device optimizers, battery- or performance-enhancing and other utility tools is a rather common tactic for dangerous Android malware.

Xenomorph is after people’s login credentials for banking, payment, social media, cryptocurrency and other apps with valuable personal information. More than 50 apps, including PayPal, Coinbase and Binance, were abused by the banking trojan, which can also intercept SMS messages and notifications in order to bypass two-factor authentication (2FA).

In this video, ESET Senior Malware Researcher Lukas Stefanko walks you through the functionality of the malware from the victim’s point of view.

If you’re worried that your own phone may have been compromised by malicious software or want to learn how to keep malware off your phone, our article about common signs your phone has been hacked will have you covered.

Stay safe!

Products You May Like

Articles You May Like

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes
Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims
Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering
Life on a crooked RedLine: Analyzing the infamous infostealer’s backend

Leave a Reply

Your email address will not be published. Required fields are marked *