A team of IT security researchers from ThreatFabric have discovered a new type of Android malware that comes with a wide range of features in addition to allowing a Trojan malware called ‘Alien’ to steal credentials from 226 Android applications.
According to researchers, the new trojan has been active since the beginning of 2020. They discovered that the trojan was offered as Malware-as-a-Service (MaaS) —releasing the software and equipment for carrying out cyber attacks — by providing an underground forum of hacking. The report published by ThreatFabric has revealed that Alien malware was based on the source code of a malware gang, known as Cerberus.
Malware is a new generation of Android banking Trojans that incorporates integrated remote access features into code bases and makes Alien malware a more dangerous creation to infect.
The researchers noted that the new malware could show fake access screens on victims’ devices and could collect passwords for various applications and services. Malware is also capable of allowing hackers to gain access to a device and use its credentials or perform other cyber operations.
A team of IT security researchers from ThreatFabric have discovered a new type of Android malware that comes with a wide range of features in addition to allowing a Trojan malware called ‘Alien’ to steal credentials from 226 Android applications.
According to researchers, the new trojan has been active since the beginning of 2020. They discovered that the trojan was offered as Malware-as-a-Service (MaaS) —releasing the software and equipment for carrying out cyber attacks — by providing an underground forum of hacking. The report published by ThreatFabric has revealed that Alien malware was based on the source code of a malware gang, known as Cerberus.
Malware is a new generation of Android banking Trojans that incorporates integrated remote access features into code bases and makes Alien malware a more dangerous creation to infect.
The researchers noted that the new malware could show fake access screens on victims’ devices and could collect passwords for various applications and services. Malware is also capable of allowing hackers to gain access to a device and use its credentials or perform other cyber operations.
The report also said that developers behind Alien malware have a “special interest in the usual group of most targeted countries, such as Spain, Turkey, Germany, the US, Italy, France, Poland, Australia and the UK.”
According to researchers, like other Trojan malware, these Alien features are primarily used for fraudulent operations. It was also discovered that the malware had support for submitting fake logins to 226 other Android apps.
It has also targeted apps like email, social media, messaging and cryptocurrency apps that include Twitter, Facebook, Telegram, Gmail, WhatsApp and more.