- Alien is based on Cerberus, a notorious malware that affected Google Play store
- The malware can harvest and forward SMS messages, steal login credentials, and display fake login pages to users
- Alien targets financial and cryptocurrency apps
A new Android malware, named “Alien”, targeting financial apps is capable of stealing credentials from 226 applications including cryptocurrency apps like Coinbase, according to security researchers from ThreatFabric.
The researchers say Alien has been active since the beginning of 2020 and is being offered as a “Malware-as-a-Service (MaaS)” in underground forums. The team noted that Alien was based on the source code for Cerberus, a notorious malware that Google’s security team was able to control by August 2020, Cointelegraph reported.
Alien, even though it has the same base code as Cerberus, is more advanced and can intercept Two-Factor Authentication (2FA) codes and mimic and overlay content on top of other apps.