this post was submitted on 26 Sep 2023
78 points (97.6% liked)

Android

17359 readers
211 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

🔗Universal Link: [email protected]

💡Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.

Support, technical, or app related questions belong in: [email protected]

For fresh communities, lemmy apps, and instance updates: [email protected]

💬Matrix Chat

💬Telegram channels / chats

📰Our communities below

Rules

  1. Stay on topic: All posts should be related to the Android OS or ecosystem.

  2. No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to [email protected].

  3. Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to [email protected].

  4. No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.

  5. No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.

  6. No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.

  7. No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.

  8. No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.

  9. No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!

  10. No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

Chat and More

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
78
Xenomorph Android malware now targets U.S. banks and crypto wallets (www.threatfabric.com)
submitted 11 months ago* (last edited 11 months ago) by [email protected] to c/[email protected]
3 comments fedilink hide all child comments
 
  • Security researchers found a new Xenomorph malware campaign aimed at Android users in multiple countries including the U.S. and Canada. It targets cryptocurrency wallets and various U.S. financial institutions.
  • Initially a banking trojan, Xenomorph has evolved to become more modular and flexible, with the ability to target over 400 banks. It also features an automated transfer system, MFA bypass, and cookie stealing.
  • The malware is distributed via phishing pages and embedded in legitimate Android apps. A new dropper named "BugDrop" was introduced to bypass Android 13 security features.
  • New functionalities include a "mimic" feature that allows it to act as another application, "ClickOnPoint" for simulating screen taps, and an "antisleep" system for prolonged engagement.
  • Collaboration with other potent Windows malware suggests the possibility of Malware-as-a-Service (MaaS). ThreatFabric analysts also discovered other malicious payloads like Medusa and Cabassous during their investigation.
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 11 months ago (1 children)

With Lineage OS, you probably can. It also seems to becoming more logical for common users to wipe and reinstall occasionally. Not that it is easy to do. It just seems like a lot of malware is hitting phones and that is likely to get worse.

[–] [email protected] 2 points 11 months ago

I think it's important to keep in mind that LOS is a partial solution. Firmware blobs will go unmaintained, and abandoned source trees still remain abandoned even when minimally hacked up to build with a newer kernel.

We need hardware makers committing to some kind of update plan that keeps users safe over the long run at every level.