TechPression

Tag: Trojan

  • NITDA alerts Nigerians to fake Google Play Store site spreading Trojan

    NITDA alerts Nigerians to fake Google Play Store site spreading Trojan

    Hadiza Umar, the Head of Corporate Affairs and External Relations at the National Information Technology Development Agency (NITDA), issued a warning to Nigerians on Friday about a fake website that mimics the Google Play Store. 

    This fraudulent site, according to Umar, is distributing the Play Praetor Trojan, a new form of malware.

    “Cybercriminals are using fraudulent websites designed to mimic the Google Play Store to lure victims into downloading malicious applications,” she said.

    Tactics used to lure victims

    She explained that various social engineering techniques, such as phishing emails, malicious adverts, and SMS messages, were being used to spread the phoney Play Store URLs. 

    Related Post: Microsoft alerts crypto users about StilachiRAT malware stealing wallet data

    Umar claims that the Play Praetor Trojan, once downloaded via the fake website, gives hackers unauthorised access to the victim’s device.

    “This access can lead to data theft, credential harvesting, financial fraud, remote control of the device, and further malware deployment,” she warned.

    What to do

    She advised people to only download programs from trusted sources, such as the official Google Play Store.  

    Umar further advised users to verify the identities of app developers, read reviews before installing, and regularly update their devices and apps frequently to fix bugs.

  • A Trojan horse for Android devices called Xenomorph has the ability to compromise over 56 different financial apps.

    A Trojan horse for Android devices called Xenomorph has the ability to compromise over 56 different financial apps.

    Threatfabric, an online fraud detection business, recently disclosed that over 50,000 Android users have installed a Trojan that is capable of targeting over fifty-six banking apps.

    The Xenomorph, an alien species, inspired the name of this malware. At the moment, it only offers a few possibilities. However, the trojan appears to be in its early stages of development. It is reasonable to assume that the next version will be more capable.

    According to ThreatFabric, the fact that this malware continues to request repeated logins may indicate that it is not yet ready. The malware could have been created by the individuals responsible for the initial alien species, or it could have been created by someone who knows which code was used in the original version.

    By installing rogue apps from the Google Play Store for Android, the malware can be installed on a device. Recently, an app purporting to speed up a smartphone was discovered to have been previously controlled by a trojan and was effectively used to target over 50,000 consumers under the moniker Fast Cleaner.

     

    Read Also: The NCC CSIRT Discovers Malware That Targets Banking Applications



    After infiltrating the system, the Xenomorph is able to extract all personal data, including text messages. It is even capable of preventing the victim from uninstalling the application. This is a simple method for malware to take control of the system.

    The software can even steal banking information by displaying a counterfeit login window. With access to a user’s text messages, the malware can infiltrate other programmes without requiring a two-factor authentication.

    It operates by routing downloaded overlays for various financial applications to its command and control centre. This centre provides the user with a bogus log-in page that collects the user’s information.

     

    Read Also : Data Protection A Blessing or A Curse



    According to ThreatFabric, the virus communicates with its command and control centre only the overlay, not the logged data. The trojan has thus far targeted applications from a variety of nations, including Spain, Italy, and Belgium.

    Additionally, ThreatFabric stated that the malware has a great deal of potential to evolve into a more dangerous form. Future versions of this malware may be capable of stealing further data.