According to the latest report from Bleeping Computer, a new type of Android malware was recently discovered to use “virtualization” technology to evade detection and earn huge profits for its operators.
New Android malware emerges
The malware, called FjordPhantom, is spread via phishing emails, text messages and chat tools. According to reports, it uses virtualization solutions from open-source projects to create virtual containers on the device without the user’s knowledge.
Victims are tricked into downloading banking apps that look legitimate, but they contain malicious code that runs in a virtual environment and can attack real banking apps. FjordPhantom’s goal is to steal online bank account credentials and manipulate transactions by committing fraud on the device.
It is worth noting that the most cunning thing about this malware is that it does not modify the banking app itself, making traditional code tampering detection unable to detect the threat.
The malware was discovered by Promon, which noted that the malware’s “virtualization” technology evades Android’s sandboxing mechanisms.
FjordPhantom mainly targets banking applications in Indonesia, Thailand, Vietnam, Singapore and Malaysia. Promon said that due to the combination of malware and social engineering, one victim lost $280,000.
NEW FEATURES OF GBOARD AND ANDROID 14
Meanwhile, with the Android Feature Drop, Google is adding new Emoji Kitchen combinations to Gboard’s ever-growing list of emoji mashups. At the current stage, you can play with more emojis to create a mashup that’s fun and portrays your current mood perfectly.
The security department of Android 14 also saw an upgrade with this feature drop. It’s now possible to use a custom PIN for FIDO2 security keys. With this, it will be possible to safely get into apps and websites that are passwordless but require physical keys. It will also help to ensure that bad actors can’t use the hardware key if it gets stolen.