Security News > 2020 > July > New Android Malware Now Steals Passwords For Non-Banking Apps Too
Cybersecurity researchers today uncovered a new strain of banking malware that targets not only banking apps but also steals data and credentials from social networking, dating, and cryptocurrency apps-a total of 337 non-financial Android applications on its target list.
Dubbed "BlackRock" by ThreatFabric researchers, which discovered the trojan in May, its source code is derived from a leaked version of Xerxes banking malware, which itself is a strain of the LokiBot Android banking trojan that was first observed during 2016-2017.
These credential-stealing overlays have been found on banking apps operating in Europe, Australia, the US, and Canada, as well as shopping, communication, and business apps.
Cybereason uncovered a different class of banking malware known as EventBot that leveraged the same feature to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes.
"With the changes that we expect to be made to mobile banking Trojans, the line between banking malware and spyware becomes thinner, [and] banking malware will pose a threat for more organizations."
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/qGGAlqCWJ6E/android-password-hacker.html
Related news
- New DroidBot Android banking malware spreads across Europe (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)
- Cyber crooks push Android malware via letter (source)
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)
- Germany sinkholes BadBox malware pre-loaded on Android devices (source)
- Germany blocks BadBox malware loaded on 30,000 Android devices (source)
- Android malware found on Amazon Appstore disguised as health app (source)
- BadBox malware botnet infects 192,000 Android devices despite disruption (source)