This dangerous Android malware is stealing from 100 banking apps — protect yourself now
The notorious Xenomorph Android malware has resurfaced with upgraded capabilities, targeting over 100 different banking and crypto apps. Initially discovered by security researchers at ThreatFabric in February 2022, Xenomorph has undergone several updates, including modular and flexible features. The latest version of the malware is being used in a new campaign that specifically targets Android users in the U.S., Canada, Spain, Italy, Portugal, and Belgium.
One of the new features of Xenomorph is its ability to mimic other apps on Android smartphones, making it more difficult to detect. Additionally, the malware can simulate taps at specific places on a user’s screen, allowing cybercriminals to steal credentials from banking and crypto apps through overlays.
The cybercriminals behind this campaign are using phishing sites to infect unsuspecting Android users with the Xenomorph malware. These sites trick users into believing that their version of Chrome is outdated and needs an immediate update. However, instead of downloading a legitimate Chrome update, users unknowingly download a malicious APK file containing the Xenomorph malware.
To protect yourself from Android malware like Xenomorph, it is crucial to avoid falling for phishing schemes and only download app updates from official sources like the Google Play Store. Sideloading apps from unknown websites can expose your device to malware. Additionally, consider installing a reputable Android antivirus app for added protection.
The Xenomorph malware is continuously evolving, and cybercriminals may introduce new overlays for popular banking and crypto apps. Staying vigilant and following best practices for app downloads and updates is essential to avoid falling victim to this dangerous malware.
