Android Users Beware! New Banking Trojan Xenomorph Spread Malware via Google Play Store

By

New Android banking trojan Xenomorph is now spreading via Google Play Store to access the bank accounts and steal funds from its targets.

Google Play Store Kicks Out Apps Secretly Collecting User Data! Outdated Apps To Be Removed?
BRAZIL - 2021/05/11: In this photo illustration the Android logo seen displayed on a smartphone screen. Rafael Henrique/SOPA Images/LightRocket via Getty Images

Android's New Banking Trojan Xenomorph

As per a news story by Bleeping Computer, the latest malware in town is unlike most threats out there, which use malicious websites or phishing to spread.

Instead, the Xenomorph trojan is using an app listed on the Google Play Store to target its victims.

The news outlet disclosed that the new Android banking trojan has already infected more than 50,000 users from various European nations, such as Belgium, Portugal, Italy, and Spain.

It is worth noting that the newly discovered malware is still under its early development stage.

Xenomorph targets numerous banking institutions in various locations in Europe to steal the money of its victims.

According to a recent report by the cybersecurity firm, Threat Fabric, the new banking trojan in town is actually similar to an older counterpart, known as the "Alien."

Meanwhile, Bleeping Computer suggests that it could mean that Xenomorph is the next-generation Alien. But it could also be possible a lone developer is behind both of these similar Android trojans.

Xenomorph Malware: How it Works

The new banking trojan works like most previous versions of the malware, which attempts to access the bank accounts of its targets to steal their money.

Once the trojan is installed on its target device, it uses its accessibility permission to create a fake login screen on top of banking apps.

Google Chrome Users Beware: Emergency Update Releases to Fix Zero-Day Security Vulnerability
In this file photo taken on August 04, 2020, Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, uses his computer at their office in Dongguan, China's southern Guangdong province. - As the number of online devices surges and super-fast 5G connections roll out. NICOLAS ASFOURI/AFP via Getty Images

What's more, the Xenomorph also replicates login pages of cryptocurrency mobile wallets and email apps.

If ever the account that the trojan is trying to access requires two-factor authentication, it could also access the text messages of the victim, making the operation successful.

Banking Trojan on Google Play Store

As per the latest report by The Record Media, the Xenomorph malware hides beneath an app from the Google Play Store, pretending to be a performance-boosting software that goes by the name "Fast Cleaner."

The app vows to scan and clean Android devices to make the sluggish machine perform faster than ever. Bleeping Computer notes in the same report that banking trojans have been using utility apps to lure their targets into an infection.

Google is Removing ALL Android Call Recording Apps on Play Store Starting May | Here’s Why
BRAZIL - 2020/07/13: In this photo illustration an Android logo seen displayed on a smartphone. by Rafael Henrique/SOPA Images/LightRocket via Getty Images

The Fast Cleaner app has already garnered a whopping 50,000 installs from the Google Play Store. However, the official app storefront of Android has already kicked out the trojan spreading utility software.

This article is owned by Tech Times

Written by Teejay Boris

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Tags:AndroidMalwareGoogle Play Store
Join the Discussion
Most Popular
Real Time Analytics