Xenomorph Android malware

Xenomorph Android Malware is Dangerous and Stealing From 100 Banking Apps Protect Yourself

4.3 / 292 5 Mins Admin

October 3, 2023


Android malware is malicious software designed to target devices running the Android operating system. Such type of malware is the Xenomorph Android malware which has been updated over time and now it has the ability to target more than 100 different banking and crypto apps. According to the sayings of BleepingComputer this banking Trojan was discovered in February 2022 by the security investigators at ThreatFabric. It is getting stronger with its every update and now it is powerful enough to bypass the Android 13 security system. This malware was scattered using the Bug Drop dropper.

Currently, android users in different countries around the world including the U.S., and Canada, and in European countries like Portugal, Spain, Italy, Belgium and many more are being targeted by the powerful version of Xenomorph Android Malware.  After an upgrade, this malware is capable of acting as another app on Android devices and allows a Click-On-Point which enables the cybercriminals controlling the malware to add taps on exact places on your Android phone screen.

You may also check the post about the Top 10 Best Australian Casino Sites for Real Money.

In addition, this dangerous malware sneaks into your phone and steals your financial info about banking and different crypto apps which leads to a significant amount of money losses. Therefore safeguarding yourself against this malware is very important.

Chrome updates are used as bait: Xenomorph Android Malware

Cybercriminals use phishing sites to inject Xenomorph malware into Android devices as per the sayings of ThreatFabric. These phishing sites tell the user to update their Chrome as fast as possible as it is not up to date. The cybercriminals page shows a button at the bottom of the page which shows “Upgrade Chrome” but when the user clicks on the button it leads to a malicious APK file instead of downloading the newest version of Google Chrome. Then the Xenomorph malware is installed on the smartphone through the malicious APK file.

By using overlaps this banking Trojan steals your financial information through baking apps and crypto apps. The banking and crypto apps below are the most likely to be targeted by Xenomorph malware:

  • Bank of America
  • Capital One
  • PNC
  • Santander
  • Chase
  • Citi
  • TD Bank
  • Wells Fargo
  • Coin Base
  • Binance
  • Meta Mask
  • Trust wallet

It is important to highlight that the Xenomorph Android malware includes distinct overlays which are different based on the victims’ geographical location.

How to Secure Your Android Devices From this Dangerous Android Malware?

As a large number of Android users are familiar with that app updates come directly from the Google Play Store so they would neither update their Google Chrome browser from the website nor install a distinct APK file. By this, the users can defend themselves not falling for the Chrome update bait.

Secure from Xenomorph Android malware

Apps installed from a website are used by cybercriminals as a weapon to inject Xenomorph Android malware. So it is instructed not to download apps from a website you can install apps from official Android app stores like Google Play Store, the Apple App Store, the Amazon app store and Samsung Galaxy store as apps here go through high security checks. Meanwhile, the apps installed from websites do not go through such security checks.

To further enhance your security an Android antivirus app must be installed on your Android phone. An antivirus app can scan newly installed apps and existing apps on your smartphone and can safeguard your device against Android malware. This job is also done by Google Play Protect. However, it doesn’t provide the facilities which a paid Android Antivirus app provides.

In contrast, the Xenomorph Malware is new for most Android users but many updates and new versions are released which makes this malware more powerful. So to attack banking and crypto apps hackers and cybercriminals will still be using the Xenomorph Android malware.


This infamous Android malware has once again reappeared. Now it has been improved with abilities that let it target over 100 various banking and crypto apps. This improved version of dangerous Android malware that is known as Xenomorph is being used in a new promotion that targets Android users in the United States, Canada, and some European countries such as Spain, Portugal, Italy, and Belgium.