Caution Advised for North American Android Users When 'Updating' Chrome Browser

 


The Xenomorph banking malware, initially notorious for its presence in Europe, has undergone significant evolution and expanded its reach to various regions.

Recent findings from cybersecurity firm ThreatFabric, as reported by Bleeping Computer, reveal that a fresh iteration of Xenomorph is now targeting Android users in the United States, Canada, Spain, Italy, Portugal, and Belgium. Its primary objectives include pilfering cryptocurrency from individuals' wallets and infiltrating the accounts of American users across diverse financial institutions.

During its initial discovery in Europe, Xenomorph managed to ensnare unsuspecting victims through the Google Play store, ultimately deceiving over 50,000 users. Over time, it grew increasingly formidable, with the August 2022 version successfully breaching Android 13's security measures.

By March 2023, a more advanced version surfaced, capable of executing autonomous on-device transactions, stealing cookies, and targeting over 400 banks. Additionally, the report underscores the malware authors' dedicated efforts to develop strategies for compromising Samsung and Xiaomi devices, both popular Android smartphone brands.

Xenomorph's latest tactics involve duping Chrome users into believing they need to update their web browsers through deceptive phishing pages, leading them to download malicious APK files. It deploys screen overlays covertly to extract sensitive data, including usernames, passwords, and credit card information. Notably, the malware now has American financial institutions and cryptocurrency applications in its crosshairs.

These attacks appear sophisticated, and many users in Portugal, Spain, and the US have already fallen victim to Xenomorph, with downloads numbering in the thousands.

One of the malware's formidable capabilities is its ability to simulate touchscreen taps, granting its operators the freedom to execute actions discreetly, evading detection.

If you encounter a prompt urging you to update your web browser, exercise caution, as such prompts often serve as bait to get unsuspecting victims to download harmful content. Most users enable automatic updates in the Google Play store, which keeps their apps, including Chrome, up to date without manual intervention.
