I’ve got some urgent news you need to pay attention to. The nefarious Xenomorph Android malware I told you about in February is back in full force — and it’s targeting a whopping 100+ banking and crypto apps. Yeah, that’s just about all the major ones.
The Trojan (like the horse) is now even stealthier. The upgraded Xenomorph is launching a fresh assault on Android users — and there’s a tricky way it’s worming in: Through fake updates.
Get out of here, copycat
Xenomorph uses overlays to make you think you’re logging into your banking or crypto app — then uses details you provided to drain your account. You think everything is fine until you find all your money or crypto wiped out.
How is it spreading? This is interesting. Scammers have a new weapon of choice: Sites that fool you into thinking Chrome needs an update. What you end up downloading is a malicious file loaded with malware.
Guess which apps are in the crosshairs?
- We’re talking major players here like Chase, Citi, Bank of America, Capital One, PNC, Santander, TD Bank and Wells Fargo.
- On the crypto side, Coinbase, Binance and MetaMask aren’t safe.
The cherry on top? The overlays this malware uses to trick you can differ based on your physical location. Not a one-trick pony.
Be on high alert, keep your apps updated, and whatever you do, don’t fall for sketchy Upgrade Chrome messages. Always double-check sources and stick with the official Apple App Store and Google Play Store for downloads.
My words of wisdom: To update your browser, you only need to shut it down and restart. Updates are auto-installed. Don’t trust any site that tells you it’s the place to score the latest version — or tries to convince you that downloading a file is necessary to update your browser.
Stay smart, stay safe and keep those digital shields up! I’ll do my very best to keep you in the loop. Share this critical info you won’t find at the big news sites with someone you care about.