Security News > 2020 > September > Alien Android Banking Trojan Sidesteps 2FA
A newly uncovered banking trojan called Alien is invading Android devices worldwide, using an advanced ability to bypass two-factor authentication security measures to steal victim credentials.
Researchers believe Alien is a "Fork" of the infamous Cerberus banking malware, which has undergone a steady demise in use over the past year.
"Based on our in-depth knowledge of the trojan, we can prove that the Alien malware is a fork of the initial variant of Cerberus, active since early January 2020 and rented out at the same time as Cerberus," said researchers with ThreatFabric, in a Thursday analysis.
The Alien RAT has various commonly used Android malware capabilities, including the ability to launch overlay attacks, control and steal SMS messages and harvest contact lists - as well as keylogging, location-collecting and other capabilities.
"Looking at what we know now about what happened with Cerberus and Alien, we could speculate that Cerberus was on the decline as the developers behind the trojan shifted away from the project with the original source in order to start their own," researchers said.
News URL
https://threatpost.com/alien-android-2fa/159517/
Related news
- Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users (source)
- TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud (source)
- New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities (source)
- Hackers steal banking creds from iOS, Android users via PWA apps (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)