Banking malware Xenomorph which quickly became known as one of the most dangerous malware after first appearing in Europe has now evolved and made its way to other regions.
In March 2023, a version with the capability to carry out autonomous on-device transactions, steal cookies, and target more than 400 banks was found.
New version of Xenomorph deceives people into downloading harmful software
The new mode of attack is to convince Chrome users that they need to update the internet browser using phishing pages and make them download malicious APKs in the process. It uses screen overlays to covertly steal valuable information such as usernames, passwords, and credit card numbers. Among the latest targets of Xenomorph are American financial institutions and cryptocurrency apps.
And while you may think that most people can see through ploys like these, the malware has already been downloaded thousands of times by users in Portugal, Spain, and the US.
The malware is powerful enough to simulate taps wherever it wants on a screen, allowing its operators to perform actions without getting detected.
If you ever spot a prompt asking you to update your internet browser, avoid it as these types of prompts are usually used by bad actors to capture the attention of their victims and trick them into downloading harmful stuff. Most people enable automatic updates in the Google Play store anyway, so chances are that most of your apps, including Chrome, are already up to date.
