Just days after the Android Xenomorph malware was revealed to have returned, another Android Trojan threat has surfaced, and although it’s not fully developed yet, it can still lead to disastrous consequences. for people around the world. It has been included in the Google Play Store ecosystem. The Google Play Store offers millions of apps to Android users for every task. Despite Google’s efforts, some potentially harmful apps still slip through undetected. The latest Trojan that has created major problems is called Nexus and it is capable of targeting almost 450 apps on the Google Play Store.
What is Nexus?
According to one report by Cleafy, Nexus first appeared on many hacking forums in January 2023. It is being distributed through phishing sites disguised as legitimate websites of YouTube Vanced, a modified version of YouTube, according to the threat intelligence company Cylinder.
This Trojan is capable of stealing passwords from banking apps and can intercept both 2FA codes received via text messages as well as codes generated by the Google Authenticator app.
Even though Nexus is still in development, it already has the potential to cause great harm. Nexus was introduced on the ‘Malware as a Service’ platform where hacker pay other cybercriminals to access their services.
How it works?
Nexus hijacks bank accounts by initiating overlay attacks that include placing an overlay or fake version on top of a legitimate banking app. When a user logs into their account, the overlay will record their username and password. In addition, Nexus has a keylogger that can record any password a user enters or autofills on their phone.
Furthermore, the latest Nexus version is capable of deleting text messages received on an infected device, halting its 2FA stealing feature, as well as updating itself regularly by pinging the command and control server. control (C&C) controlled by cybercriminals.
How can you stay safe
There are different ways you can stay safe from malware so keep it all bank information out of the hands of cybercriminals and hackers.
1. NEVER download and install apps from unknown sources. Only use the Google Play Store to install apps.
2. Never download any apps from third party app stores.
3. Do not open any links from any text messages you receive. Banks never ask customers to install any apps from a certain link.
4. Install anti-virus and anti-malware software on your smartphone to keep it safe from any potential malware.
