Security News > 2023 > September > Xenomorph Android malware now targets U.S. banks and crypto wallets

Security researchers discovered a new campaign that distributes a new version of the Xenomorph malware to Android users in the United States, Canada, Spain, Italy, Portugal, and Belgium.
In December 2022, the same analysts reported about a new malware distribution platform dubbed "Zombinder," which embedded the threat into legitimate Android apps' APK file.
In the latest campaign, the malware operators opted to use phishing pages, luring visitors to update their Chrome browser and trick them into downloading the malicious APK. The malware continues to use overlays to steal information.
Although the new Xenomorph samples aren't vastly different from previous variants, they come with some new features indicating that its authors continue to refine and enhance the malware.
There, they discovered additional malicious payloads, including the Android malware variants Medusa and Cabassous, the Windows information stealers RisePro and LummaC2, and the Private Loader malware loader.
New Android MMRat malware uses Protobuf protocol to steal your data.
News URL
Related news
- New Crocodilus malware steals Android users’ crypto wallet keys (source)
- BadBox malware disrupted on 500K infected Android devices (source)
- MassJacker malware uses 778,000 wallets to steal cryptocurrency (source)
- North Korea’s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps (source)
- Microsoft: New RAT malware used for crypto theft, reconnaissance (source)
- Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets (source)
- New Android malware uses Microsoft’s .NET MAUI to evade detection (source)
- APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials (source)