The Xenomorph banking trojan, according to a report by Dutch cybersecurity firm Threat Fabric, is a type of dropper malware that is designed to ‘drop’ malicious code onto the targeted device. And the approach used to delver this virus to any Android smartphone is similar to how the Alien from the Alien movie franchise operated. In the movies, the Xenomorph hid within the spaceships and began slaughtering the crew one by one. Hackers are employing other apps to hide the Xenomorph banking virus in the same way. Take, for example, the Google Play Store’s Fast Cleaner app.
The Xenomorph malware, according to the report, was hidden inside the Fast Cleaner app, which purports to optimise your smartphone by removing junk files, boosting RAM, and so on. According to the report, the Xenomorph banking trojan is currently targeting Android users in Europe.
The Xenomorph trojan is still new, according to the report, although it has before encountered a similar sort of dropper malware known as just Alien.
Working Mechanism
When users open a targeted app, the malware, according to security researchers, puts up an overlay window on your smartphone screen. Users who are unaware of the malicious window interact with it, allowing the hackers to obtain the data being fed to the overlay screen. Bad actors can use the overlay attack to steal your banking information and login credentials. Banks in Spain, Portugal, Italy, and Belgium are among the targets, according to Threat Fabric. A few crypto wallets and email apps were also attacked.