Tech News Desk – The Xenomorph malware is back and it has been followed by another Android Trojan threat. But it is not fully developed yet. Yet it can lead to devastating consequences for people around the world. It has been injected on the Google Play Store ecosystem. Let us tell you, Google Play Store offers millions of apps for Android users for any and all tasks. Even after several attempts, many harmful apps go undetected. The new Trojan is known as Nexus. It is capable of targeting over 450 apps on the Google Play Store.
What is Nexus?
The Nexus first appeared on several hacking platforms in January 2023, as reported by Clefe. A modified version of YouTube, YouTube Vanced, is being distributed via phishing pages masquerading as legitimate websites, according to threat intelligence firm Cyble. The Trojan is capable of stealing passwords from banking applications and can intercept both 2FA codes received via text messages as well as codes generated by the Google Authenticator app. Nexus is offered on a ‘malware-as-a-service’ platform where hackers pay other cyber criminals to access their service.
How does it work?
Nexus takes over a bank account by launching an overlay attack which involves putting an overlay or a fake version on top of a legitimate banking app. When users log into their accounts, the overlay captures their username and password. Additionally, the Nexus has a keylogger that can capture any password the user types in or autofills on their phone.
how can you stay safe
1. Do not download and install apps from unknown sources. Use only the Google Play Store to install apps.
2. Do not download any app from third party app store.
3. Do not open any links from any text message you may receive. The bank never asks to do this.
4. Install antivirus and antimalware software on your smartphone to keep it safe from any potential malware.