A new form of Android banking trojan malware targets customers of 56 different European banks and has been downloaded by over 50,000 users in the space of a few weeks.
Detailed by cybersecurity researchers at ThreatFabric who’ve dubbed it ‘Xenomorph’ because of links to another trojan called Alien, this malware first appeared this month. The malware is designed to steal usernames and passwords to access bank accounts and other sensitive personal information.
Like many other forms of Android malware, the malware has apparently managed to bypass protections and gets onto smartphones via apps in the Google Play Store.
SEE: Cybersecurity: Let’s get tactical (ZDNet special report)
One of the apps identified was a cleaner app that promised to help speed up a device by removing unused clutter: the app has been downloaded over 50,000 times.
The app appeared to offer the functionality it advertises, but it also delivers the malware, which steals usernames and passwords with the aid of fake overlays that activate when the victim tries to log in to banking apps. The overlay is displayed in place of the real login screen, meaning any information entered is sent to the attackers.
Banks in Spain, Portugal, Italy and