Nasty malware can steal login credentials for 400 banks

Malware can be used for many nefarious things. The scariest way it’s used is to steal banking information. Now, hackers are going straight for the financial reward, sidestepping the usual methods for data extraction.

Read on to see how Xenomorph malware goes after your banking details and what you can do about it.

Malware variant used to steal banking credentials

Xenomorph malware has been around for a few years, with hackers spending most of 2022 fine-tuning the code. Mainly used on small-scale targets, the malware failed to break into the virus market like others.

Cybersecurity researchers now believe that the initial version was only a test run, and the creators are ramping up its capabilities to be more devastating than before. ThreatFabric calls the latest version Xenomorph C and explains that the Android-based malware is a powerful banking Trojan.

“With these new features, Xenomorph can completely automate the entire fraud chain, from infection to funds exfiltration, making it one of the most advanced and dangerous Android malware Trojans in circulation,” it explains in a blog post.

In addition, this malware is concerning because it targets over 400 financial institutions and cryptocurrency wallets. Xenomorph C could become one of the most dangerous malware variants around.

Steps to keep malware from infecting your devices

One way to protect yourself from malware is to only download applications from the official app stores, such as the Google Play Store or Apple’s App Store. Third-party libraries don’t have strong security steps as official app stores do.

Here are more ways to stay protected from malware:

  • Avoid links and attachments — Don’t click on links or attachments you receive in unsolicited emails. They could be malicious, infect your device with malware and/or steal sensitive information. Now, just previewing a Word doc can be dangerous.
  • Beware of phishing emails — Scammers send malicious emails to trick you into clicking links that supposedly have important information. Look out for strange URLs, return addresses and spelling/grammar errors.
  • Use strong, unique passwords — Tap or click here for an easy way to follow this step with password managers.
  • Antivirus is vital — Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan with TotalAV for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!

Keep reading

Continue reading

Don't want to use Google Pay? Samsung has its own digital wallet app

Samsung Wallet is a hybrid of two existing apps: Samsung Pay and Samsung Pass. This all-in-one app allows you to pay in multiple ways and store sensitive information. But how does it work?

If your Galaxy smartphone is compatible with Samsung Pay (Android 9 or above, not available on iOS), you can use Samsung Wallet.

Continue reading

$3 million

The value found within a bitcoin wallet that was unlocked after 11 years. Its owner had forgotten his password and contacted an ethical hacker to regain control of his crypto. Good thing, too — when he lost access to his wallet originally, its contents were only worth $3,000 to $4,000.

Surprise: Software that promises to 'reveal' naked pics plants password-stealing malware

TikTok videos constantly go viral. Tap or click here to see how going viral on TikTok has changed the music industry. One of the biggest this year is the Invisible Challenge. It’s where people use a filter to make their body appear to be see-through, leaving just a silhouette visible.

Continue reading

This malware steals your passwords and is on sale for anyone who wants to use it

Using a Password Manager is the best way to protect your authentication details for websites and services. Unfortunately, some people take the easy route by letting their internet browser do all the critical remembering.

Continue reading

Bad app warning: These apps with 300K downloads caught stealing banking info

The Android operating system is very popular, which is why it’s a huge target for cybercriminals. Tap or click here to see how this smart TV remote is really malware.

Due to how the OS is coded, it is easy to create apps and malware that impact millions. Couple that with the prevalence of banking apps in the Android ecosystem, and you have a disaster waiting to happen. Unfortunately, a new group of malicious apps has been discovered.

Continue reading

Malicious new apps are stealing bank details - Here's what to look for

Screen recordings can be very useful when you want to explain something to a friend. A screenshot can also help you remember places, prices or contact details. But when malware records your screen without your knowledge, you are in trouble.

Continue reading

Nasty malware steals banking passwords and 2FA codes

Phone-exclusive malware might sound far fetched, but as any Android user can tell you, it’s very real. Most people use their phones more than their computers nowadays, which makes them a perfect target for malicious apps that steal personal data and spy on their victims.

Continue reading