11-07-2025 
|
Getting your Trinity Audio player ready...
|
A new type of malware has been discovered, which hackers are using to steal passwords from as many as 226 different Android apps, according to reports.
Dubbed “Alien,” the malware has been running throughout 2020, and has been made available on hacking forums on a Malware-as-a-Service basis.
Malware analyst Gaetan van Diemen said Alien was being distributed through phishing sites, fake apps and SMS.
“A lot of it seems distributed via phishing sites, for example malicious pages tricking the victims into downloading fake software updates or fake Corona apps (still a common trick at the moment).”
“Another method observed to be used is the SMS, once they infect a device they collect the contact list which they then reuse for further spreading of their malware campaign.”
The malware is reported to be particularly dangerous because of its remote access capabilities, and the fact that it has been deployed successfully in harvesting banking app credentials from device users.
Alien works by allowing scammers to show fake login pages, as well as granting hackers access to devices directly to use pre-saved credentials and to perform other malicious actions. Worryingly, the malware can also steal 2FA credentials, making it ideally suited to banking fraud.
Some 226 services were identified for which the malware was already using fake login screens, mainly banking apps from institutions in Spain, Turkey, Germany, the United States, Italy, France, Poland, Australia, and the United Kingdom.
However, researchers have also identified targeting of a number of other commonly used apps, including Gmail, Facebook, Telegram, Twitter, Snapchat and WhatsApp.
Android users are advised to be aware of any apps they are installing on their device, and to think twice before granting admin access to new apps downloaded from the Play Store. Nevertheless, it is thought the malware will continue to infect unsuspecting Android users worldwide for some time to come.
Recommended for you
