"Xenomorph Android Banking Trojan Returns with a New and More Powerful Variant"

ThreatFabric's most recent research reveals that a new variant of the Android banking Trojan known as Xenomorph has been seen in the wild. Hadoken Security Group, the threat actor behind the operation, dubbed the updated version "Xenomorph 3rd generation" since it includes additional features that allow it to conduct financial fraud seamlessly. This new version of the malware adds numerous new capabilities to an already feature-rich Android banker, including the introduction of an extensive runtime engine powered by Accessibility services, which actors use to implement a complete ATS framework, according to the security firm. A year ago, in February 2022, it was discovered that Xenomorph was targeting 56 European banks through dropper apps available on the Google Play Store. In contrast, the most recent version of the banker, which has a website promoting its capabilities, aims to target over 400 banking and financial institutions and various cryptocurrency wallets. This article continues to discuss findings regarding Xenomorph 3rd generation Trojan. 

THN reports "Xenomorph Android Banking Trojan Returns with a New and More Powerful Variant"