How to Remove Zr89YEwgl7.exe "Zr89" Spyware/Malware [Trojan:Win32/Wacatac.B!ml]

We may receive a commission for purchases made through some ads/links on this page A new data-stealing malware is on the loose! First repor...

Monday, September 28, 2020

Android Malware 'Alien' Controls Your Phone and Steals Bank Accounts

  September 28, 2020    Riserbo

After the 'Cerberus Trojan' invaded the Google Play Store earlier this year, developers released its source code in August, which was quickly used to spawn new malware running similar scripts. One of these new strains of Cerberus, dubbed 'Alien', is a remote access toolkit complete with an arsenal of keyloggers, SMS control, and information harvesting software.

Alien has been observed using local phone data to steal bank accounts in the same manner Cerberus operates, but it can also set up Team-Viewer sessions between attackers and victims to give them full control in real-time. This feature makes the new strain even more dangerous.

Use Malscope Antivirus to defend your Windows 10 computer

How it works: If you're unfortunate enough to install this malware package from infected Google Play Store apps, it will begin its invasion by prompting for admin privileges. If authorized, it will immediately start running keylogging software (to store everything you type) and it will gain access to your other apps and system settings.

Once it has set up it's data-extraction environment, Alien will begin to target individual apps and phish for passwords from its victims. In other words, it will send fake login pages designed to look like they're from a trusted app. Have you been a victim of phishing? Read more about 'spearphishing' malware here. Alien can also delete any app and install new ones (presumably to install newer, antivirus-resistant versions of itself in the future).

The last stage of an Alien Android attack involves the Team-Viewer feature mentioned previously. Attackers controlling the malware may observe infected devices through the Team-Viewer software, and directly access apps so they can find and extract more valuable data.

Targeted apps: The Alien malware is known to display phishing pages for all popular banking/cryptocurrency apps as well as the following:

  • Google Play Games
  • Google Play Store
  • Gmail
  • Facebook
  • Instagram
  • Twitter
  • Snapchat
  • Skype
  • Yahoo
  • Telegram
  • WhatsApp
  • PayPal
  • Netflix
  • Amazon
  • Ebay

(This list will be updated as more phishing pages are discovered - Scroll up and click "Subscribe" to be notified) 


How to avoid infection: Google Play has implemented new security measures which should eliminate the possibility of being infected by Alien through the Play Store. That being said, be extra careful when installing newer apps which prompt for admin privileges. Alien is also being spread through online forums and message boards. For now, it's best to avoid Android apps offered outside of the Play Store altogether.
 
Alien has been one of many malware variants targeting Android devices through Google Play Store this year. Want to learn more about Android malware? We also covered the infamous 'Joker' Trojan here.
 
Windows 10 Remote Access - RemoteLance

   / /

  2 Comments

2 comments:

  1. LIFE LINEMay 20, 2021 at 6:15 AM

    This comment has been removed by a blog administrator.

    ReplyDelete
  2. Mary JamesJune 9, 2022 at 4:21 PM

    You have done great work by publishing this article here. It is useful and convenient info for us. Keep upgrading our knowledge by share these types of articles.Social Media Hackers For Hire

    ReplyDelete

Subscribe to: Post Comments (Atom)