A new strain of Android malware that comes with a wide range of features allowing it to steal credentials from 226 applications has been discovered and analysed by security researchers. The malware, called 'Alien', is allegedly a fork of the notorious Cerberus malware.
In August, after a failed attempt to sell it, the developer of Cerberus shared the source code of the malware, according to ThreatFabric researchers. While all samples of Cerberus were detected by Google's Play Protect, Alien malware was not affected because it was allegedly based on an older Cerberus edition. Alien malware is now taking the place of Cerberus as a result.In its own right, Alien is far more advanced than Cerberus, a reputable and dangerous Trojan.
Alien a dangerous mix to get infected with. Not only can Alien view fake login screens and collect passwords for different applications and services, but it can also provide access to computers for hackers to use certain credentials or even perform other acts.
Alien has the capabilities according to ThreatFabric, such as,Able to overlay content on top of other apps,Steal contacts list,Collect geo-location data,Collect device details and app lists,USSD request making,Call forwarding,Device info collection ....
These fake login pages were intended to intercept e-banking app credentials, explicitly supporting its evaluation that Alien was intended for fraud. Alien also targeted other applications, such as email, social, instant messaging and cryptocurrency applications.