The open source nature of the ecosystem Android it brings great benefit to both developers and users. However, it also poses a certain security risk - it allows hackers to be more creative in creating various malicious codes. Although infected apps are regularly removed from the Google Play Store, some escape Google's security checks. And one such one, which hides a banking trojan, has now been pointed out by the cybersecurity company Threat Fabric.
The new banking trojan, named Xenomorph (after the alien character from the Sci-Fi saga of the same name), targets users of devices with Androidem across Europe and is very dangerous – it is said to have already infected the devices of clients of more than 56 European banks. Some cryptocurrency wallets and e-mail applications were also supposed to be infected by it.
The company's report also points out that the malware has already recorded over 50 downloads in the Google Store - specifically, it hides in an application called Fast Cleaner. Its formal function is to rid the device of unnecessary data and improve battery life, but its main goal is to supply malware with client account information.
Disguised in this way, Xenomorph can gain access to user credentials for online banking applications. It tracks their activity and creates an overlay, similar to the original app. A user may think they are working directly with their banking application, but in reality they are giving informace about your account to the banking trojan. So, if you have installed the mentioned application, delete it from your phone immediately.
You could be interested in
