Malicious Google Play Store App Distributes Xenomorph Banking Trojan
The Zscaler ThreatLabz team stumbled across the Xenomorph banking trojan loaded over a lifestyle app called ‘Todo: Day manager,’ in the Google Play store. The malware is dropped via GitHub as a fake Google Service application right during the installation of the app. It opens as an overlay onto legit banking applications to extract users’ credentials.