The new malware spreads through the Google Play Store and has already infected more than 50,000 Android devices.
A new Android malware is currently spreading through the Google Play Store, which aims to steal banking information. It goes by the name of Xenomorph and targets users from 56 different financial institutions in Italy, Belgium, Portugal and Spain.
Alien Connections
The security experts at
fabric yarn
examined the malware code and found connections to the Alien banking Trojan. However, according to experts, Xenomorph is still in an early stage of development. Banking Trojans like Alien and Xenomorph aim to steal banking information, take over accounts, conduct transactions or sell the stolen financial information to buyers.
The app is disguised as a performance booster
Xenomorph entered the Play Store through a generic performance booster app like Fast Cleaner. At the time of installation, such applications are clean, which means that they pass the verification of the Play Store application. The payload is only collected after installation on the smartphone or tablet. Here, the app asks for different authorizations and can then be granted more access rights.
Wide access to banking applications
At the current stage of development, Xenomorph can intercept notifications and log SMS, among other things. In this way, malware can steal things like one-time passwords and credentials used to protect accounts. However, the modular design could allow Xenomorph to reach its full potential in the near future, according to Threadfabric. This would make the malware comparable to other modern Google Android banking Trojans.
To protect yourself from malware like Xenomorph, experts advise against blindly downloading apps from the Play Store that promise too good to be true. It is also recommended to take a look at the comments of the app before installing it.
Introvert. Beer guru. Communicator. Travel fanatic. Web advocate. Certified alcohol geek. Tv buff. Subtly charming internet aficionado.
