The Nigerian Communications Commission’s Computer Security Incident Response Team (CSIRT) has identified a newly-hatched malicious software that exposes users’ banking app login details on Android devices.

The security advisory from the NCC CSIRT identified the harmful software as “XENOMORPH”, which aims to hit 56 financial institutions from Europe.
The advisory says the software has a high impact and vulnerability rate.

In an advisory released on Sunday by the NCC to notify Nigerians of the harmful software, the commission stated that the main intent of Xenomorph was to steal credentials, combined with the use of SMS and notification interception to log in and use potential two-factor authentication tokens.

NCC’s spokesman, Ikechukwu Adinde, mentioned in the advisory that Xenomorph was slipped into the Google Play store by an application that was disguised as a legitimate application called ‘Fast Cleaner’ apparently meant to clear junk, increase device speed and optimise battery.

In reality, this app is only a means by which the Xenomorph Trojan could be propagated easily and efficiently, Adinde added.

The NCC disclosed that once the Fast Cleaner app is up and running on a device, Xenomorph could harvest a victim’s device information and Short Messaging Service (SMS), intercept notifications and new SMS messages, perform overlay attacks and prevent users from uninstalling it.

The NCC further said the malware also steals victims’ banking credentials by overlaying fake login pages on top of legitimate ones.

The CSIRT security advisory also confirmed that Xenomorph has been found to target 56 internet banking apps (28 from Spain, 12 from Italy, 9 from Belgium, and 7 from Portugal), as well as cryptocurrency wallets and general-purpose applications like emailing services.

Although the Fast Cleaner app has now been removed from the Play Store, it had garnered over 50,000 downloads before its removal.

The commission, therefore, implores consumers and other stakeholders to always update banking applications to their most recent versions.
