Android users beware! Dangerous money-stealing malware RETURNS; Know how to stay safe | Tech News

Android users beware! Dangerous money-stealing malware RETURNS; Know how to stay safe

A dangerous malware which became popular last year for stealing bank accounts on Android phones has made a return. Know how you can stay safe.

| Updated on: Mar 16 2023, 15:35 IST
ALERT! Do you use USB devices? Beware! Your Windows computer under threat from Malware
Xenomorph malware
1/5 Red Canary: cybersecurity researchers have discovered a new malware that spreads to Windows computers through infected USB drives. However as of now, researchers are unaware of how it happens. (REUTERS)
Xenomorph malware
2/5 According to Tech Radar, the cybersecurity researchers did not name the malware but linked it to the group of malicious actors they call Raspberry Robin. (Pixabay)
Xenomorph malware
3/5 According to the report by researchers, "While msiexec.exe downloads and executes legitimate installer packages, adversaries also leverage it to deliver malware. Raspberry Robin uses msiexec.exe to attempt external network communication to a malicious domain for C2 purposes." (REUTERS)
Xenomorph malware
4/5 The malware spreads to new devices via an infected .LNK file. Once someone plugs in the USB drive, the malware runs the infection process via command prompt. (REUTERS)
Xenomorph malware
5/5 The researchers said, "We also don't know why Raspberry Robin installs a malicious DLL, one hypothesis is that it may be an attempt to establish persistence on an infected system, though additional information is required to build confidence in that hypothesis." (MINT_PRINT)
Xenomorph malware
icon View all Images
Xenomorph targets Android phones via Google Play Store. (Unsplash)

Android users have been given a reason to worry as dangerous Xenomorph Android malware has made a comeback, endangering Android phones worldwide. The malware attracted attention last year when it was distributed on the Google Play Store with over 50000 installations and targeted as many as 56 different European banks. Now the same malware has made a return in a new avatar, aiming to target many more institutions than before.

What is Xenomorph?

According to cybersecurity and research firm ThreatFabric, Xenomorph is an Android banking Trojan which derives its name from another banking trojan known as Alien, a reference to Ridley Scott's famous franchise. It poses as different apps on the Google Play Store and was distributed via a dropper operation known as GymDrop.

Last year, it posed itself as a Fast Cleaner app on the Google Play Store, an application meant to clean up junk on the phone and speed up processes which had over 50000 installs. Instead, it turned out to be dangerous malware.

Recent Emergence

ThreatFabric reports that Xenomorph has made a comeback with a new variant known as Xenomorph C. The firm further reported that the malware was a work in progress throughout last year and was dropped in small campaigns.

The malware is now targeting over 400 banking apps and digital wallets by hacking bank accounts and stealing money. It can also carry out unauthorized transactions and has now become a fully-fledged automated fraud program.

ThreatFabric reports that the current targets include users in Spain, US and Turkey, but could soon spread worldwide. Thus, Android users need to be extremely careful while installing apps from the Google Play Store.

Signs to watch out for while installing apps from Google Play Store

1. See the app permissions

With the new Android updates, whenever you download any app, it asks you for various permissions depending on its purpose. However, you should always keep an eye out for any app asking for unusual permissions such as access to your personal information, contacts and more.

2. Check the reviews

Always check the app reviews before downloading it. People post app reviews based on their user experience.

3. See the number of downloads

Any app that is potentially harmful might have only a handful of downloads. So, only download apps which have already been downloaded a respectable number of times.

4. Read the app description

Google Play Store provides an app description along with information about the app creator. You can click on the developer's name to see a list of other apps they have developed. Therefore, only install apps from trustworthy sources.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 16 Mar, 15:31 IST