Researchers at ThreatFabric have discovered an Android malware dubbed “Alien” that affects over 226 Android apps. This malware is a fork of the infamous Cerberus malware. The researchers claimed that the creator of Cerberus shared the source code of the malware back in August, after a failed attempt to sell it.
The researchers mentioned that this Alien malware is primarily in use in countries like Spain, Turkey, Germany, the United States of America, Italy, France, Poland, Australia, the United Kingdom, and India.
The researchers have found evidence that Alien malware mainly targets banking apps. Some notable banking applications, such as Kotak – 811 & Mobile Banking, HDFC Bank MobileBanking, SBI Anywhere, and iMobile, are affected by this malware.
Google Play Protect detected all samples of Cerberus, but the Alien malware was not affected at that time because it was allegedly based on an older version of Cerberus. Alien malware is packed with malicious features and comes with a slew of capabilities.
According to the findings, Alien malware offers the following features: keylogging, remote access, SMS harvesting, SMS listing, SMS forwarding, SMS sending, device information collection, contact list collection, application listing, location collection, dynamic overlaying, target list update overlaying, USSD request making, call forwarding, remote actions, application installation, application start, application removal, showing arbitrary web pages, screen locking, push notifications, auxiliary C2 list, hiding the application icon, preventing removal of the application, emulation detection, and modular architecture.
The easiest way you can stay away from these malicious applications is by not installing applications from unknown sources. Also, it is recommended to keep the option to install apps from external sources disabled in your phone’s settings.