New Android Banking Trojan Xenomorph Targets US Banks and Crypto Wallets

Security researchers discovered a new campaign distributing the Android banking trojan Xenomorph, now targeting US banks and crypto wallets.
The malware uses phishing pages posing as Chrome updates to trick users into downloading malicious APKs.
Xenomorph steals user info through overlays, now targeting over 100 banks, crypto apps, and US financial institutions.
The latest version has new features like mimicry to impersonate legit apps, click simulation, and anti-sleep to prolong attacks.
Analysts found other Android and Windows malware linked to Xenomorph's infrastructure, suggesting collaboration between threat actors.

bleepingcomputer.com

Relevant topic timeline:

9/1/2023

US, UK intel agencies warn against new crypto malware: Report

A joint report by U.S. and U.K. intelligence agencies warns users about a new malware called "Infamous Chisel" that targets Android devices and crypto wallets and exchanges.

9/25/2023

Xenomorph Banking Trojan Targets Over 100 Finance Apps to Steal User Credentials

The Xenomorph Android malware has been upgraded to target over 100 banking and crypto apps, using a new "mimic" feature to act as another app and a "ClickOnPoint" feature to simulate taps on a phone's screen, making it a highly dangerous strain of malware that users should avoid falling victim to at all costs.