Android users have been given a reason to worry as dangerous Xenomorph Android malware has made a comeback, endangering Android phones worldwide. The malware attracted attention last year when it was distributed on the Google Play Store with over 50000 installations and targeted as many as 56 different European banks. Now the same malware has made a return in a new avatar, aiming to target many more institutions than before.
What is Xenomorph?
According to cybersecurity and research firm ThreatFabric, Xenomorph is an Android banking Trojan which derives its name from another banking trojan known as Alien, a reference to Ridley Scott’s famous franchise. It poses as different apps on the Google Play Store and was distributed via a dropper operation known as GymDrop.
Last year, it posed itself as a Fast Cleaner app on the Google Play Store, an application meant to clean up junk on the phone and speed up processes which had over 50000 installs. Instead, it turned out to be dangerous malware.
ThreatFabric reports that Xenomorph has made a comeback with a new variant known as Xenomorph C. The firm further reported that the malware was a work in progress throughout last year and was dropped in small campaigns.
The malware is now targeting over 400 banking apps and digital wallets by hacking bank accounts and stealing money. It can also carry out unauthorized transactions and has now become a fully-fledged automated fraud program.
ThreatFabric reports that the current targets include users in Spain, US and Turkey, but could soon spread worldwide. Thus, Android users need to be extremely careful while installing apps from the Google Play Store.
Signs to watch out for while installing apps from Google Play Store
1. See the app permissions
With the new Android updates, whenever you download any app, it asks you for various permissions depending on its purpose. However, you should always keep an eye out for any app asking for unusual permissions such as access to your personal information, contacts and more.
2. Check the reviews
Always check the app reviews before downloading it. People post app reviews based on their user experience.
3. See the number of downloads
Any app that is potentially harmful might have only a handful of downloads. So, only download apps which have already been downloaded a respectable number of times.
4. Read the app description
Google Play Store provides an app description along with information about the app creator. You can click on the developer’s name to see a list of other apps they have developed. Therefore, only install apps from trustworthy sources.