Trojan terror! Trojan targets 450 apps on Google Play Store, says report

Photo of author

Just days after it was revealed that Xenomorph Android malware has made a comeback, another Android Trojan threat has emerged and although it isn’t fully developed yet, it could still lead to disastrous consequences for people around the world. It has been injected into the Google Play Store ecosystem. Google Play Store offers millions of apps for Android users for any and all tasks. Despite Google’s attempts, some potentially harmful apps slip through without being detected. The latest Trojan that has created big problems is known as Nexus and it is capable of targeting almost 450 apps on the Google Play Store.

What is Nexus?

According to a report by Cleafy, Nexus first appeared on multiple hacking forums back in January 2023. It is being distributed through phishing pages disguised as legitimate websites of YouTube Vanced, a modified version of YouTube, according to threat intelligence firm Cyble.

The trojan is capable of stealing passwords from banking applications and can intercept both 2FA codes received through text messages, as well as codes generated by the Google Authenticator app.

Although Nexus is still in its developmental stages, it is already capable of causing major harm. Nexus has been introduced on a ‘Malware-as-a-Service’ platform where hackers pay other cybercriminals to access their service.

How does it work?

Nexus takes over a bank account by initiating overlay attacks which involves putting an overlay or a fake version on top of a legitimate banking app. When users log in to their accounts, the overlay captures their username and password. Additionally, Nexus has a keylogger that can capture any passwords a user types or autofills on their phone.

Moreover, the latest version of Nexus has the ability to delete text messages received on the infected device, halt its 2FA stealing feature, as well as update itself regularly by pinging a cybercriminal-controlled command-and-control (C&C) server.

How you can stay safe

There are various ways you can stay safe from malicious malware to keep all your banking information away from the hands of cybercriminals and hackers.

1. NEVER download and install apps from unknown sources. Use only Google Play Store to install apps.

2. Never download any apps from third-party app stores.

3. Do not open any links from any of the text messages you receive. Banks never ask customers to install any app from a given link.

4. Install antivirus and antimalware software on your smartphone to keep it safe from any potential malware.

Source link

Please follow and like us:

Leave a Comment

%d bloggers like this: