Trojan

Xenomorph

First seen: 2022-02 • Status: active

Currently Active Threat

Xenomorph attacks Android banking apps and can automatically steal money from your accounts. It targets hundreds of banks, especially in Europe.

Overview

Xenomorph is an Android banking trojan targeting European banks. It evolved to include automated transfer system capabilities and targets over 400 banking apps.

Also Known As

Xenomorph Banker

How It Spreads

  • Google Play droppers
  • Phishing
  • Malicious websites

What It Does

  • Banking credential theft
  • Automated transfers
  • Crypto wallet theft
  • SMS interception

Is your business exposed?

Target Platforms

Android

Detection Tips

  • Monitor for accessibility service requests
  • Check app permissions

MITRE ATT&CK Techniques

T1417, T1411, T1056

If You're Infected

  1. 1.

    Contact your bank

  2. 2.

    Factory reset device

Related Malware

Teabot, Sharkbot, Cerberus

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices