Security News > 2020 > July > New Android Malware Now Steals Passwords For Non-Banking Apps Too

Cybersecurity researchers today uncovered a new strain of banking malware that targets not only banking apps but also steals data and credentials from social networking, dating, and cryptocurrency apps-a total of 337 non-financial Android applications on its target list.

Dubbed "BlackRock" by ThreatFabric researchers, which discovered the trojan in May, its source code is derived from a leaked version of Xerxes banking malware, which itself is a strain of the LokiBot Android banking trojan that was first observed during 2016-2017.

These credential-stealing overlays have been found on banking apps operating in Europe, Australia, the US, and Canada, as well as shopping, communication, and business apps.

Cybereason uncovered a different class of banking malware known as EventBot that leveraged the same feature to exfiltrate sensitive data from financial applications, read user SMS messages, and hijack SMS-based two-factor authentication codes.

"With the changes that we expect to be made to mobile banking Trojans, the line between banking malware and spyware becomes thinner, [and] banking malware will pose a threat for more organizations."

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/qGGAlqCWJ6E/android-password-hacker.html