Malicious actors have always tried to work their way around Google Play Store security protections. Recently, Han Sahin of ThreatFabric stated that the company had found a new piece of malware that is being used to spread the Xenomorph banking trojan. This extremely dangerous trojan allows criminals to perform On-Device Fraud on victims' devices.
The malware has been dubbed BugDrop by the Dutch security firm, and this dropper app is designed specifically to defeat the new protections introduced in the latest version of the Android OS. That version is meant to make it difficult for malware to request Accessibility Services privileges from victims; BugDrop is an attempt to get around that restriction.
According to ThreatFabric, the dropper is the work of a cybercriminal group known as Hadoken Security, which is also known to be behind the creation and distribution of the Android malware families Xenomorph and Gymdrop.
Typically, Android banking trojans are delivered by innocuous-looking dropper apps that pose as utility or productivity apps. Once installed, they trick the victim into granting them various invasive permissions.
The Accessibility API lets an app read the contents of the screen and even perform actions on the user's behalf, which makes it highly prone to abuse: it enables malware operators to capture sensitive data such as credentials and financial information.
Overlay attacks are what make this theft possible. When the victim opens a targeted app, the trojan displays a fake, lookalike login form on top of it, retrieved from a remote server.
However, since many of these malicious apps are sideloaded, which is only possible if the user has allowed installation from unknown sources, Android 13 blocks Accessibility API access for apps that were installed from outside the app store.
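The combination the article describes, an app with an enabled accessibility service that did not come from the Play Store, is something a defender can audit on a device today. The following script is an added example, not code from the article or from ThreatFabric: it parses the output of two ADB commands (`adb shell pm list packages -i`, which reports each package's installer, and `adb shell settings get secure enabled_accessibility_services`, which lists the enabled services) and flags packages whose accessibility service is enabled but whose installer is not the Play Store. The package names and command output below are constructed samples, and treating `com.android.vending` as the only trusted installer is an assumption you may need to widen for enterprise MDM or OEM stores.

```python
"""Audit enabled accessibility services against each package's installer.

Added example (not from the article or ThreatFabric). Input is the text of
two adb commands, embedded here as constructed samples:
  adb shell pm list packages -i
  adb shell settings get secure enabled_accessibility_services
"""
from __future__ import annotations

import re

# Constructed sample of `pm list packages -i` output (package names are made up).
# `installer=null` is what pm prints for packages with no recorded installer,
# which is the case for sideloaded and ADB-installed apps (and for system apps).
PM_LIST_OUTPUT = """\
package:com.android.vending  installer=null
package:com.example.bank  installer=com.android.vending
package:com.example.pdfviewer  installer=null
package:com.example.talkback  installer=com.android.vending
"""

# Constructed sample of the enabled_accessibility_services secure setting:
# colon-separated "package/ServiceClass" entries.
ENABLED_SERVICES = (
    "com.example.talkback/com.example.talkback.TalkBackService:"
    "com.example.pdfviewer/com.example.pdfviewer.OverlayService"
)

PLAY_STORE = "com.android.vending"  # assumption: the only trusted installer
_PM_LINE = re.compile(r"^package:(\S+)\s+installer=(\S+)$")


def parse_installers(pm_output: str) -> dict[str, str | None]:
    """Map package name -> installer package (None when pm reports 'null')."""
    installers: dict[str, str | None] = {}
    for line in pm_output.splitlines():
        m = _PM_LINE.match(line.strip())
        if not m:
            continue  # skip blank or unexpected lines
        pkg, installer = m.groups()
        installers[pkg] = None if installer == "null" else installer
    return installers


def parse_enabled_services(setting: str) -> dict[str, list[str]]:
    """Map package name -> list of enabled accessibility service class names."""
    services: dict[str, list[str]] = {}
    for entry in filter(None, setting.split(":")):
        pkg, _, cls = entry.partition("/")
        services.setdefault(pkg, []).append(cls)
    return services


def find_suspicious(pm_output: str, setting: str,
                    trusted_installers: tuple[str, ...] = (PLAY_STORE,)) -> list[dict]:
    """Return packages with an enabled accessibility service and an untrusted installer.

    A package that is missing from the pm listing is treated as having no
    installer, so it is flagged as well.
    """
    installers = parse_installers(pm_output)
    enabled = parse_enabled_services(setting)
    findings = []
    for pkg, classes in enabled.items():
        installer = installers.get(pkg)
        if installer not in trusted_installers:
            findings.append({"package": pkg, "installer": installer, "services": classes})
    return findings


if __name__ == "__main__":
    for f in find_suspicious(PM_LIST_OUTPUT, ENABLED_SERVICES):
        print(f"SUSPICIOUS {f['package']} installer={f['installer']} "
              f"services={', '.join(f['services'])}")
```

On the constructed sample, the screen-reader app installed from the Play Store is accepted and the sideloaded "PDF viewer" with an enabled accessibility service is reported; on a real device, replace the two constants with the captured command output and review every flagged package before deciding it is benign.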