Xenomorph - explanation how new Android banking Trojan steals user banking credentials | Google Play

Подписаться 392 тыс.

Просмотров 38 тыс.

50% 1

This is a video demonstration of newly discovered Android banking malware by @ThreatFabric and found on Google Play Store with over 50,000 installs.
In the video I explain how Xenomorph tricks victims and steals their banking credentials by displaying phishing overlay activity over the legitimately launched app by user.
Read more about this threat: www.threatfabric.com/blogs/xe...

Наука

Опубликовано:

21 фев 2022

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 61

@techywarrior1190 2 года назад

Loved your video and huge fan sir, Please tech how to code them or make videos de-compiling them😀❤️❤️

@mahimmasrafi7205 2 года назад

Informative and really helpful.. Subscribed..

@Ebiko Год назад

I love that this shows in Detail what the malware is about and how it works, but the news just spread yesterday like a wildfire with gasoline 😅 Without the hint to just not allow access ability service

@fightingcarl3930 2 года назад

hey dude i saw your video where you reproduced instagram glitch, on that video u captured requests of instagram android. i tried that but burp says something like client failed to negotiate tls connection and did not capture any request from instagram. i dont know where i am doing wrong can u please help me out

@san-shiv 2 года назад

Which laptop you use

@bibhashpodh1074 2 года назад

Hey bro how can we build our own Android Monitoring apk for android 🙏🙏🙏

@iqlessmemes4115 2 года назад

ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-QxRy9sVUMQU.html

@shadowhacker5164 2 года назад

Hello sir full video??

@sanjayrauniyar5111 2 года назад

Big fan sir love from Nepal 🇳🇵❤️

@vipulmohan1229 2 года назад

Can u plz make vidio for get acces for monitoring on another phone

@abhishekkushwaha4947 2 года назад

Big fan sir ❤️❤️❤️ love you

@ucandoit364 2 года назад

Am a big fan sir...I want to learn

@Londons.finestxxx 9 месяцев назад

Where can i get this app from

@noone-sr3vo 2 года назад

open usb debuging mode on broken screen plss

@dumpaikumar3191 2 года назад

Hi bro which phone you use send me plz 😁🙏 bro and your best phone for hacking with monitor mode wifi supported

@ebisaguyo8199 Год назад

Hey Bro how to root android phone version 8.1.0

@josemariazentenoperez5499 Год назад

how can i unlock a phone with macropay lock from IMEI 🔒🔒

@Kiss0_0_0 2 года назад

Bro your channel unbanned? I think so I was having a channel it got removed from RU-vid it was again some stupid policies and many RU-vidrs can't upload eg: null byte. We just give education RU-vid Should take care 😭

@OneAndOnlyZekePolaris Год назад

Question why are you charging the phone when it is fully charged?

@matti0449 Месяц назад

he was using adb

@OneAndOnlyZekePolaris Месяц назад

@@matti0449 That makes no sense since adb is not used for charging a device that is already charged. Also my device disables charging when using this because it takes up cord room. They can only transfer so much data.

@COPYriGhtcom-oo6ho 2 года назад

How-to root vivo y31

@LEKIPE1 Год назад

Where can I get a sample of this malware

@pedrobandeira7079 10 месяцев назад

I wanna too. Maybe we can search it together

@vanshsantoshi7533 2 года назад

You can not only use accessibility to overlay on other apps ( It doesn't even require "Draw over other apps" permission ) but also use it as a keylogger, or just control the screen remotely. I've seen lot of malware doing these

@vanshsantoshi7533 2 года назад

@@Abdul-kn4py @TermuxSucks on Telegram

@lalchigamer5221 2 года назад

Sir We can hack Android phone permanently on WAN? If it,s possible so make video on it

@dolanD2 2 года назад

Antivirus for android? You were joking, right?

@OneAndOnlyZekePolaris Год назад

If you are already logged into your account and the app asks you to log in. That is a dead giveaway that there is a trojan trying to steal your information. In other words, Xenomorph isn't that good of a trojan if you can still spot it.

@abhishek_bhardwaj 2 года назад

Sir.. can you share this apk for study purpose

@OneAndOnlyZekePolaris Год назад

Xenomorph is just a copyright law breaking because that is a name of something already. All hacks are copyright infringements.

@ajaysoni7833 2 года назад

It,s also binded with whatsapp buisness and PicsArt

@adminxds 2 года назад

@ajaysoni7833 2 года назад

@@adminxds checked on virustotal total extract apk and scan it

@adminxds 2 года назад

@@ajaysoni7833 is whatsapp buisness asked for accessibility permissions?

@ajaysoni7833 2 года назад

@@adminxds the trojan is similar like xenomorph called rotexy & it,s available on Play Store whatsapp buisness it,s also binded with pics arts When you scan it on virustotal

@ayaspathan1289 Год назад

Kali linux install android per video banao

@AkashKumar-kp3bv 2 года назад

Bro your video nice 😉

@smarthdroid9834 2 года назад

I ask permission to use this video. give it to me friend and I will give credits to your channel

@livegameing4647 Год назад

Make a video on android pattern hack

@bibhashpodh1074 2 года назад

first😍

@eg.masumbillah7602 2 года назад

tutorial please

@mobilehacker 2 года назад

tutorial how to analyze such apps?

@androdeveloper7261 2 года назад

@@mobilehacker Yes

@Zappexe 2 года назад

Accessibility service abuse - classic

@androdeveloper7261 2 года назад

Overlay permission abused

@Zappexe 2 года назад

@@androdeveloper7261 You can see in the demo that trojan app requested accessibility service permission, otherwise it wouldn't able to catch events when victim application starts and inject it's own activity or draw overlay.

@androdeveloper7261 2 года назад

@@Zappexe Yes , it requested accessibility but for another reason. Accessibility is only required to automate input events on other apps. Here, It is granted "Draw over other apps" permission (Either explicitly or implicitly ) So that now app can show its fake login page on top of different apps. For detecting events, No explicit permission is needed ( Except Usage access). There is a background service continuously itrating over current activities and then detecting which is on top. ~ That's a easy approach.

@lazizkhan1 2 года назад

First like

@vanshsantoshi7533 2 года назад

In case anybody wants an app exactly like that, to test stuffs and for educational purposes, they can hit me up :) Also, that kind of malware can be injected into any other google play app too, I know how to do that :). That's why it's always dangerous to install pirated apps.

@ancestrall794 2 года назад

To inject you use metasploit ? I've bought couple months ago an Android tablet to hack it, metasploit was useful for me while doing it (injecting malware on some minecraft clone game)

@vanshsantoshi7533 2 года назад

@@ancestrall794 No, I code the malware, and I inject it manually by myself

@vanshsantoshi7533 2 года назад

@@ancestrall794 I see, that's cool ! Iuse metasploit too, now and then.