New Android banking trojan Xenomorph is now spreading via Google Play Store to access the bank accounts and steal funds from its targets.
BRAZIL - 2021/05/11: In this photo illustration the Android logo seen displayed on a smartphone screen.
Android's New Banking Trojan Xenomorph
As per a news story by Bleeping Computer, the latest malware in town is unlike most threats out there, which use malicious websites or phishing to spread.
Instead, the Xenomorph trojan is using an app listed on the Google Play Store to target its victims.
The news outlet disclosed that the new Android banking trojan has already infected more than 50,000 users from various European nations, such as Belgium, Portugal, Italy, and Spain.
It is worth noting that the newly discovered malware is still under its early development stage.
Xenomorph targets numerous banking institutions in various locations in Europe to steal the money of its victims.
According to a recent report by the cybersecurity firm, Threat Fabric, the new banking trojan in town is actually similar to an older counterpart, known as the "Alien."
Meanwhile, Bleeping Computer suggests that it could mean that Xenomorph is the next-generation Alien. But it could also be possible a lone developer is behind both of these similar Android trojans.
Xenomorph Malware: How it Works
The new banking trojan works like most previous versions of the malware, which attempts to access the bank accounts of its targets to steal their money.
Once the trojan is installed on its target device, it uses its accessibility permission to create a fake login screen on top of banking apps.
In this file photo taken on August 04, 2020, Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, uses his computer at their office in Dongguan, China's southern Guangdong province. - As the number of online devices surges and super-fast 5G connections roll out.
What's more, the Xenomorph also replicates login pages of cryptocurrency mobile wallets and email apps.
If ever the account that the trojan is trying to access requires two-factor authentication, it could also access the text messages of the victim, making the operation successful.
Banking Trojan on Google Play Store
As per the latest report by The Record Media, the Xenomorph malware hides beneath an app from the Google Play Store, pretending to be a performance-boosting software that goes by the name "Fast Cleaner."
The app vows to scan and clean Android devices to make the sluggish machine perform faster than ever. Bleeping Computer notes in the same report that banking trojans have been using utility apps to lure their targets into an infection.
BRAZIL - 2020/07/13: In this photo illustration an Android logo seen displayed on a smartphone.
The Fast Cleaner app has already garnered a whopping 50,000 installs from the Google Play Store. However, the official app storefront of Android has already kicked out the trojan spreading utility software.
Related Article: Google's Android 13 Profile Switcher: Change Users on a Smartphone via the Lock Screen Soon [RUMORS]
This article is owned by Tech Times
Written by Teejay Boris
