Security News > 2023 > March > Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps
An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud.
"Nexus provides all the main features to perform ATO attacks against banking portals and cryptocurrency services, such as credentials stealing and SMS interception."
It's also said to overlap with another banking trojan dubbed SOVA, reusing parts of its source code and incorporating a ransomware module that appears to be under active development.
A point worth mentioning here is that Nexus is the same malware that Cleafy initially classified as a new variant of SOVA in August 2022.
Interestingly, the Nexus authors have laid out explicit rules that prohibit the use of its malware in Azerbaijan, Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Uzbekistan, Ukraine, and Indonesia.
The malware, like other banking trojans, contains features to take over accounts related to banking and cryptocurrency services by performing overlay attacks and keylogging to steal users' credentials.
News URL
https://thehackernews.com/2023/03/nexus-new-rising-android-banking-trojan.html
Related news
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- New DroidBot Android banking malware spreads across Europe (source)
- New DroidBot Android malware targets 77 banking, crypto apps (source)
- This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges (source)
- Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam (source)