Thursday, October 29, 2020

New malware Alien can steal credentials from 226 Android apps

Must Read

Facebook must demonstrate neutrality, revamp its SOPs: Congress

New Delhi, Oct 28 : A day after the resignation of Facebook India’s controversial public policy head Ankhi Das,...

‘Grace Cancer Run’ by Hyderabad-based Foundation sets 2 Guinness records

Hyderabad, Oct 29 : Hyderabad based Grace Cancer Foundation, which hosted the world’s largest cancer awareness initiative, ‘Grace Cancer...

MI win toss, opt to bowl first against RCB

Abu Dhabi: Mumbai Indians (MI) have won the toss and opted to bowl first against Royal Challengers Bangalore (RCB)...

New Delhi: Cyber security researchers have found a new Trojan malware named Alien that can steal credentials from 226 Android apps in several countries including in India.

Alien Malware targeted other apps as well like

  • Gmail
  • Facebook
  • Telegram
  • Twitter
  • Snapchat
  • WhatsApp

Most targets are banking apps, but Alien malware can also show phishing pages for social, instant messaging, and cryptocurrency apps, reports ZDNet.

The Alien malware is a rented banking Trojan which offers more than the average capabilities of Android banking Trojans.

According to security researchers from ThreatFabric, Alien malware has common capabilities such as overlay attacks, control and steal SMS messages and harvest the contact list.

The Alien malware can leverage its keylogger for any use and, therefore, broaden the attack scope further than its target list. 

“It also offers the possibility to install, start and remove applications from the infected device”.

Most importantly, it offers a notifications sniffer, allowing it to get the content of all notifications on the infected device, and a RAT (Remote Access Trojan) feature (by abusing the TeamViewer application), meaning that the threat actors can perform the fraud from the victim’s device.

According to cyber security researchers, Alien malware is not a new piece of code but based on the source code of a rival malware named Cerberus which was an active malware-as-a-service (MaaS) last year.

“We also notice an interest from actors in recording and stealing more information surrounding the victim. How that information will be used or monetized can vary, it is just a matter of time before actors find out about the value of such information,” the researchers noted in a blog post.

The last quarter of 2020 will probably come with some additional changes to the threat landscape, especially since the source code of the Cerberus Trojan has been made publicly available.

In the coming months, we can definitively expect some new malware families, based on Cerberus, to emerge, the researchers added.

“We strongly recommend all financial institutions to understand their current and future threat exposure and consequently implement the relevant detection and control mechanisms”.

Disclaimer: This story is auto-generated from IANS service.

Subscribe us on The Siasat Daily - Google News

Latest News

Facebook must demonstrate neutrality, revamp its SOPs: Congress

New Delhi, Oct 28 : A day after the resignation of Facebook India’s controversial...

‘Grace Cancer Run’ by Hyderabad-based Foundation sets 2 Guinness records

Hyderabad, Oct 29 : Hyderabad based Grace Cancer Foundation, which hosted the world’s largest cancer awareness initiative, ‘Grace Cancer Run’, has set two Guinness...

MI win toss, opt to bowl first against RCB

Abu Dhabi: Mumbai Indians (MI) have won the toss and opted to bowl first against Royal Challengers Bangalore (RCB) here at Sheikh Zayed Stadium...

‘Who the hell are you?’, US lawmakers scold Twitter, Facebook, Google CEOs

By Nikhila NatarajanNew York, Oct 29 : “Baloney!”, “sham!” and “who the hell are you” scoldings dominated a Senate hearing on Wednesday where the...

Jasprit Bumrah completes 100 wickets in IPL

Abu Dhabi: Mumbai Indians pacer Jaspreet Bumrah became the 16th cricketer to scalp 100 wickets in the Indian Premier League (IPL) on Wednesday. The speedster...

More Articles Like This