Xenomorph presents itself as a “Fast Cleaner” productivity app that claims to speed up the device by removing unused files. The Xenomorph malware is currently under development and has modern Android banking trojan capabilities. Its primary attack vector includes enhanced functionality to extract two-factor authentication (2FA) tokens received via SMS or notifications.
Xenomorph also targets Android users in Spain, Portugal, Italy, and Belgium by manipulating certain apps such as e-mail services and cryptocurrency wallets. To avoid being affected by similar campaigns, Android users are advised to download applications from official and reliable sources, check the permissions requested by the applications to be downloaded, and use Anti-Virus / Anti-Malware solutions. In addition, it is crucial to block the IoC findings related to this malware in the security solutions in use.