A newly discovered trojan, known as Alien, is attacking crypto apps on Android phones, including Coinbase, Blockchain.com, and Luno. This new malware strain is based on the notorious Cerberus trojan, which wreaked havoc in the Google Play store until the team responsible became complacent. Lack of continued distribution allowed Google Play Protect to almost completely eradicate Cerberus by August 2020.

Alien targets 226 Android apps, mostly geared toward the banking industry. In addition to stealing user credentials, the malware can install and remove applications from the infected device, and even intercept notifications:

“Most importantly, it offers a notifications sniffer, allowing it to get the content of all notifications on the infected device, and a RAT (Remote Access Trojan) feature (by abusing the TeamViewer application), meaning that the threat actors can perform the fraud from the victim’s device.”

The choice of Coinbase and Blockchain.com is understandable as these are two of the most popular crypto apps. It is less clear why the hackers targeted the much smaller Luno exchange (which was recently acquired by the Digital Currency Group), yet omitted (so far as we know) other industry giants like Binance.

American Crypto Association Exclusives!

Bookmark the site and sign up for relevant alerts, trading tips, masternode updates and important news hosted within our exclusive newsletter. Valued at $3,588, we are offering this service free for one year!

Get onboard now!

Exclusive Newsletter!

Sign up for exclusive trading tips, masternode updates and important news hosted within our newsletter!
!
!
Terms and Conditions checkbox is required.
Something went wrong. Please check your entries and try again.
Translate »
Scroll to Top