Virus detected! – Malware is one of the many threats that hang over the owners of cryptomoney systems. One of these malware, called „Alien“, attacks applications for smartphones with cryptos wallets, including those from Coinbase and Blockchain.com.
Our opinion on Iota (IOT) “
RAT’s attacks are multiplying
Cybersecurity company Threat Fabric announces that it has spotted a new Remote Access Trojan (RAT) virus.
While the Google Play Store for Android smartphones had just gotten rid of the Cerberus Trojan this summer, an heir seems to have already taken its place: Alien.
„The last quarter of 2020 is likely to see further changes in the threat landscape, especially since the source code for the Cerberus Trojan was released. In the coming months, we can expect new families of Cerberus-based malware to emerge“
Threat Fabric Report
Alien malware, in addition to the „classic“ theft of SMS and contact list from a device, has the ability to install, start and remove applications from the infected device.
Even worse, this malware (hidden in a legitimate-looking application) also includes a „notification sniffer“ – which allows you to obtain the contents of all notifications – as well as the famous RAT function. The latter exploits the TeamViewer application to take remote control of the malicious smartphone.
Several applications related to the cryptos concerned
According to Threat Fabric experts, at least 226 applications are targeted by the Alien infection. The majority of the targeted applications would be banking applications.
But among them, there are also cryptos wallet applications, notably those of Coinbase, Blockchain.com and Luno.
What is even more worrisome is that Alien has inherited the authentication code theft functionality of Cerberus version 2 (C2). This makes it possible to recover codes from dual authentication applications (2FA), such as Google Authenticator.
While the eradication of its ancestor C2 in August 2020 has limited the impact of this new capability, Alien has only just been detected. Combined with its RAT feature, the effects could be devastating.
Therefore, more than ever, you should be wary when you recover an application, including on the Google Play Store. Be sure to get it directly from the application’s publisher to avoid possible spurious copies.