Last Updated on 23/02/2022 by Nidhi Khandelwal
More than 50,000 Android devices have been infected with a new malware named Xenomorph, which was spread through the Google Play Store in order to steal banking information.
Xenomorph, which is still in the early stages of development, is aimed at users of dozens of financial institutions in Spain, Portugal, Italy, and Belgium.
Researchers at ThreatFabric, a fraud and cybercrime protection firm, discovered code in Xenomorph that is identical to the Alien banking malware. This implies that the two dangers are linked in some way: either Xenomorph is Alien’s successor, or a developer has been working on both.
Banking trojans like Xenomorph are designed to steal sensitive financial information, take control of accounts, and conduct fraudulent transactions, with the stolen data being sold to prospective purchasers.
The Xenomorph malware got into the Google Play Store through generic performance-boosting apps like “Fast Cleaner,” which has 50,000 downloads.
Banking trojans, including Alien, employ such apps as a standard enticement because there’s always a desire for tools that promise to boost the performance of Android devices.
Fast Cleaner fetches the payload after installation to avoid rejection during the Play Store application review, ensuring that the app is clean at submission time.