![]() ![]() The two forms of malware use the same HTML resource page to trick victims into granting accessibility services privileges, which they abuse to help take control of the device. ThreatFabric has linked Xenomorph to another Android trojan malware, Alien, because of design similarities. The malware can also intercept SMS and app notifications to help steal authentication needed to bypass any multi-factor authentication that has been applied. The malware is also equipped with overlays that can steal passwords for email accounts and cryptocurrency wallets. The overlay is displayed in place of the real login screen, meaning any information entered is sent to the attackers.īanks in Spain, Portugal, Italy and Belgium are currently among those being targeted. The app appeared to offer the functionality it advertises, but it also delivers the malware, which steals usernames and passwords with the aid of fake overlays that activate when the victim tries to log in to banking apps. One of the apps identified was a cleaner app that promised to help speed up a device by removing unused clutter: the app has been downloaded over 50,000 times. ![]() SEE: Cybersecurity: Let's get tactical (ZDNet special report) Like many other forms of Android malware, the malware has apparently managed to bypass protections and gets onto smartphones via apps in the Google Play Store.
0 Comments
Leave a Reply. |