Friday 18 March 2022

Android Users Beware of Xenomorph, It Steals Your Banking Information And Crypto Wallets.

As we constantly emphasize, the Android operating system is prone to malware, and users must always take care to avoid becoming hacking victims.


CSIRT has found new malware named "Xenomorph" that steals users' banking app login credentials on Android smartphones.


Xenomorph has been found to target 56 European financial institutions, with a high impact and susceptibility rate. "Xenomorph malware also targets cryptocurrency wallets and general-purpose applications like emailing services."


The main goal of this malware is to steal credentials by intercepting SMS messages and notifications, and then to use them to log in, potentially employing two-factor authentication tokens as well.



How Does It Spread?


Xenomorph is spread through an app called "Fast Cleaner" that was sneaked into the Google Play Store and claimed to clean junk files, boost device speed, and optimize battery life. In reality, the app is nothing more than a tool for spreading the Xenomorph Trojan quickly and easily.



"Fast Cleaner" was distributed before the malware was placed on the remote server, making it difficult for Google to determine that the app was being used for malicious purposes and to refuse it access to the Play Store.


How Does It Work on Victims' Phones?


Once installed on a victim's device, Xenomorph can gather device information and SMS messages, intercept notifications and new SMS messages, perform overlay attacks, and prevent users from removing it. The malware also requests Accessibility Services privileges, which allow it to grant itself additional permissions.


According to the CSIRT, the malware also steals users' banking credentials by overlaying bogus login pages on top of authentic ones. Because it can intercept messages and notifications, its operators can bypass SMS-based two-factor authentication and log in to victims' accounts without alerting them.
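The capabilities described above (Accessibility Services, SMS interception, notification interception) are visible in an app's manifest, so they can be checked before an app is trusted. The following triage check is an added example, not code from the CSIRT advisory; it assumes the manifest has already been decoded to text XML (for example by apktool), and the sample manifests and package names are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Capability -> manifest permissions that grant it (standard Android names).
CAPABILITIES = {
    "sms_interception": {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"},
    "notification_interception": {"android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"},
    "accessibility_service": {"android.permission.BIND_ACCESSIBILITY_SERVICE"},
}

def declared_permissions(manifest_xml):
    """Collect <uses-permission> names plus permissions guarding <service> entries."""
    root = ET.fromstring(manifest_xml)
    perms = {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}
    perms |= {el.get(ANDROID_NS + "permission") for el in root.iter("service")}
    perms.discard(None)
    return perms

def triage(manifest_xml):
    """Return (capabilities found, True if the combination deserves manual review)."""
    perms = declared_permissions(manifest_xml)
    found = sorted(cap for cap, names in CAPABILITIES.items() if perms & names)
    # Accessibility alone is common in legitimate apps; flag it only when paired
    # with access to SMS or notifications, where one-time codes arrive.
    risky = "accessibility_service" in found and len(found) > 1
    return found, risky

# Constructed sample manifests (not taken from any real app).
CLEANER_SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.cleaner">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application>
    <service android:name=".A11y"
        android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
    <service android:name=".Notif"
        android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"/>
  </application>
</manifest>"""

BENIGN_SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
</manifest>"""

if __name__ == "__main__":
    for name, xml in (("cleaner", CLEANER_SAMPLE), ("notes", BENIGN_SAMPLE)):
        print(name, triage(xml))
```

A utility app that claims to clean files has no functional need for this combination, which is what makes the flag useful as a first-pass filter rather than a verdict.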


"The Fast Cleaner app has been deleted from the Play Store, but not before it received over 50,000 downloads," according to the CSIRT security advisory.
