banking trojan (2)

12236323458?profile=RESIZE_400xRecently identified Xenomorph Android banking trojan samples show an expanded target list that now includes North American users.  Initially detailed in February 2022 and likely linked to the infamous banking trojan Alien, Xenomorph relies on overlays to steal users’ personal and login information.  It can also intercept notifications and SMS messages to bypass two-factor authentication.

See:  https://redskyalliance.org/intel-reports/intelligence-report-weekly-data-and-threats-04-20-2023

The mal

10920614087?profile=RESIZE_400xThe Godfather Android banking trojan has been observed targeting over 400 banking and crypto applications in 16 countries. Godfather was initially observed in June 2021 and is believed to be the successor of the Anubis banking trojan, likely built on top of the Anubis source code that leaked in 2019.  Compared to Anubis, Godfather features updated command-and-control (C&C) communication and implementation, a modified traffic encryption algorithm, a new module for managing virtual network computi