Security News > 2023 > March > Xenomorph Android malware now steals data from 400 banks

The Xenomorph Android malware has released a new version that adds significant capabilities to conduct malicious attacks, including a new automated transfer system framework and the ability to steal credentials for 400 banks.

"With these new features, Xenomorph is now able to complete automate the whole fraud chain, from infection to funds exfiltration, making it one of the most advanced and dangerous Android Malware trojans in circulation," warns ThreatFabric.

Currently, Xenomorph v3 is being distributed via the 'Zombinder' platform on the Google Play store, posing as a currency converter and switching to using a Play Protect icon after installing the malicious payload. New Xenomorph targets.

The most notable feature introduced in the new Xenomorph version is the ATS framework, which enables cybercriminals to extract credentials automatically, check account balances, conduct transactions, and steal money from target apps without performing remote actions.

In addition to the above, the new Xenomorph features a cookies stealer that can snatch cookies from the Android CookieManager, which stores the user's session cookies.

Xenomorph was a notable new malware entering the cybercrime space a year ago.

News URL

https://www.bleepingcomputer.com/news/security/xenomorph-android-malware-now-steals-data-from-400-banks/