
Xenomorph is the latest banking malware discovered in Play Store apps

Last updated: February 24th, 2022 at 17:08 UTC+01:00

The open-source nature of the Android ecosystem is very fruitful for both the developers and the users. However, this open-source nature has often been an issue for security. It lets hackers get a bit more creative in creating different malware. Infected apps are removed from the Play Store on a regular basis.

Now, ThreatFabric has confirmed the presence of a new banking trojan called Xenomorph. This Xenomorph banking trojan has been targeting Android users across Europe. Going by reports related to this trojan, it is a pretty scary one. Based on the information at hand, Xenomorph has infected users of over 56 different European banks.

The report also confirms that the malware has seen 50,000 installations from the Google Play Store. Notably, this Xenomorph malware was injected inside an app called Fast Cleaner. This app posed as a tool that cleans up the junk on your device and improves battery efficiency. But the main aim of the app was to feed your data to the malware.

Xenomorph trojan belongs to the same Gymdrop dropper family that deployed the Alien trojan

Upon investigation, ThreatFabric found out that this Xenomorph banking trojan is from the Gymdrop dropper family. Apparently, this is the same dropper family that ThreatFabric discovered delivering a trojan dubbed Alien back in November 2021. For the unaware, droppers are programs that are designed to pull code from some source and deploy it onto your device.

With the Fast Cleaner app, Xenomorph can get access to your login credentials for online banking apps. It monitors your activity and injects an overlay, similar to the original app. You may think that you are working directly with your banking app. In reality, you are giving your account information to this banking trojan.

It seems like Xenomorph is still in its early stages. But ThreatFabric reports that banks from Spain, Portugal, Italy, and Belgium, along with some crypto wallets and email apps, are infected with this trojan.
