According to the most recent research from ThreatFabric, a new variation of the Android banking malware known as Xenomorph has been discovered in the wild. The revised version, which the threat actor behind the operation called “Xenomorph 3rd generation,” has new features that enable it to carry out financial crime invisibly.
The introduction of a very extensive runtime engine powered by Accessibility services, which is used by actors to implement a full ATS framework, is the most notable addition to an already feature-rich Android banker in this new version of the malware, according to a report from the Dutch security firm shared with The Hacker News.