Security News > 2023 > September > Xenomorph Android malware now targets U.S. banks and crypto wallets

Security researchers discovered a new campaign that distributes a new version of the Xenomorph malware to Android users in the United States, Canada, Spain, Italy, Portugal, and Belgium.
In December 2022, the same analysts reported about a new malware distribution platform dubbed "Zombinder," which embedded the threat into legitimate Android apps' APK file.
In the latest campaign, the malware operators opted to use phishing pages, luring visitors to update their Chrome browser and trick them into downloading the malicious APK. The malware continues to use overlays to steal information.
Although the new Xenomorph samples aren't vastly different from previous variants, they come with some new features indicating that its authors continue to refine and enhance the malware.
There, they discovered additional malicious payloads, including the Android malware variants Medusa and Cabassous, the Windows information stealers RisePro and LummaC2, and the Private Loader malware loader.
New Android MMRat malware uses Protobuf protocol to steal your data.
News URL
Related news
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- GrassCall malware campaign drains crypto wallets via fake job interviews (source)
- New Crocodilus malware steals Android users’ crypto wallet keys (source)
- Google Play, Apple App Store apps caught stealing crypto wallets (source)
- Cross-Platform JavaScript Stealer Targets Crypto Wallets in New Lazarus Group Campaign (source)
- SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)
- GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets (source)