New Android banking malware Xenomorph found in Play Store apps

Xenomorph malware is currently under development yet it is being actively distributed on official Google Play Store.

Dutch cybersecurity firm ThreatFabric has revealed details of a newly discovered Android banking trojan hidden inside applications on the Google Play Store. ThreatFabric founder and CEO, Han Sahin, stated that there are more than 50,000 installations of this trojan, which the company dubbed Xenomorph, and its operators aim to reach the target of attacking 56 European banks and stealing sensitive data.

Malware Currently In-Development

According to ThreatFabric, Xenomorph malware is currently under development. However, despite that it features effective overlays and is actively distributed on official app stores, Sahin stated.

Furthermore, Xenomorph’s engine is “very detailed and modular” due to which it can exploit accessibility services. These capabilities may empower Xenomorph with highly advanced capabilities soon.

Similarities between Alien and Xenomorph

Researchers have noticed similarities between Xenomorph and another banking trojan called Alien. For your information, Alien was discovered in August 2020, shortly after the infamous Cerberus malware’s demise. Alien’s functionalities included 2FA theft and notification sniffing.

However, researchers also noted that Xenomorph was “radically different” from the remote access trojan (RAT) Alien in terms of functionalities. It is also suggested that Xenomorph

Read More: