Without question, the internet and related online apps have simplified our lives considerably. Yet, this might become a major issue when cybercriminals start targeting our personal and financial data.
Four hundred fifty apps on the Google Play Store were recently attacked by a malicious online threat. Believe it or not, Google Play Store is a widely used platform for accessing millions of online apps. You might be surprised to learn that there are 3.48 million apps on Google Play Store. In 2021, the global annual number of app downloads from the Google Play Store was 111,3 billion.
A New Android Trojan threat emerged just a few days after it was discovered that the Xenomorph Android malware had made a comeback. Despite the fact that it is not yet fully developed, it still has the potential to have catastrophic effects on people all over the world. Reports suggest that 450 apps on Google Play Store have been targeted by this new Android Trojan threat.
The Google Play Store is a hub of millions of applications for Android users. Users can access myriads of apps for multiple purposes, from personal to professional. However, there are still some apps in the Google Play Store that have the potential to cause harm. The irony is that these potential threats go unidentified during the installation process.
The most recent variant of the Trojan horse, known as Nexus, is out there that has targeted approximately 450 applications found in the Google Play Store. Nexus has the potential to have catastrophic effects on users all around the world. It can cause a significant number of issues.
What exactly is “Nexus?”
Nexus is the most recent variant of the Trojan horse. It was first found in numerous hacking forums in the month of January 2023. It was released on a platform known as “Malware-as-a-Service,” which allows hackers to pay other cybercriminals to access their service and use their malware.
Related Search: Android users remove these malware apps from their smartphones right now
It is being spread through websites that look like they are real but are actually phishing pages that pose as webpages for YouTube Vanced, a modified version of YouTube.
The malware is able to collect passwords from banking applications and can capture two-factor authentication codes, both received through text messages and created by the Google Authenticator app. This virus is so robust that it can steal banking application passwords.
Even though the virus is not yet fully developed, it is already capable of causing significant damage.
What capabilities does the new Nexus have?
The Nexus trojan is built to function covertly, having the capacity to avoid detection and circumvent safety protocols. It is very difficult to identify this virus as it can conceal itself.
After it is installed on your device, the trojan has the ability to monitor your activity and steal sensitive data, such as credit card numbers, pins, login credentials, and other financial information.
It is also able to intercept two-factor authentication codes that are received through text messages as well as codes that are generated by the Google Authenticator app.
Also Read: Android Security Checkup | 12 Easy Steps to Safer Phone
How is Nexus being spread across devices?
According to the threat intelligence company Cyble, this malware is being spread using phishing pages. These phishing pages, which pose as legitimate websites, are referred to as YouTube Vanced.
It was released on a platform known as “Malware-as-a-Service.” A rising number of hackers are using a malware-as-a-service model. In this model, hackers pay one another for access to new malware to gain access to this type of dangerous software.
If Nexus successfully gains access to your bank accounts, it will be able to undertake overlay attacks, which is when a phony version of an app is placed on top of a real banking app in order to steal money from your account.
So, the moment you log in to your banking accounts using an app, the overlay will collect both your login and password and send them to the attacker.
Also, Nexus can make use of a keylogger in order to collect any passwords that a user may type in or have auto-filled on their phone.
How does Nexus work?
In order for Nexus to acquire control of a bank account, it must first launch an overlay attack. This assault includes layering a phony or malicious version of a legitimate banking application on top of the original one.
The overlay remembers the user’s name and password as soon as that user logs in to their account. In addition, the Nexus features a keylogger that can record any passwords that a user types into their phone or that the phone auto-fills for them.
In addition, the most recent version of Nexus has the capability to delete text messages that have been received on an infected device, stop its two-factor authentication stealing feature, and update itself on a regular basis by pinging a command-and-control server that is controlled by cybercriminals.
Hence, it is crucial that you stay protected from such a dangerous online threat.
Wondering how can you stay protected from this virus?
Read ahead… (this is crucial)
Also Read: 10 Best Free and Paid Antivirus for Android Phone 2023
Steps To Stay Protected From Nexus
There are a number of different precautions you can take to protect yourself from harmful software. Some of them are as follows:
1. Do NOT download and install software from untrusted sources. This could be really dangerous. If you really want to download an app, make sure it is from a trusted source on the Google Play Store.
2. Do NOT download any apps from unofficial app stores. There are a large number of unofficial app stores available, and as humans, we have this habit of exploring new things whenever we get the chance.
But, this method might be perilous, particularly if you download an app from a store that is not officially sanctioned by Apple or Google.
If you use Android, the Google Play Store is the most reliable and secure location to download new applications.
3. Do NOT click on any link. We are constantly bombarded with promotional texts and emails. These messages typically contain infected URLs that will infect your device the moment you click on them. And the virus instantly begins its destructive work. Thus, you should never, ever, under any circumstances, click on any such links.
4. Download and Install Antivirus and Antimalware Software on Your Device. You should download and install antivirus and antimalware software on your phone to protect it from viruses and other types of malware.
Follow these tips to stay protected from online fraudsters and hackers.