
Alien Malware

Posted: September 24, 2020

The Alien Malware is spyware that collects confidential information from Android devices. As an upgrade of the earlier Cerberus spyware, it keeps that threat's features and adds new ones, and it may block the device or provide a backdoor for attackers. Users should protect their devices with compatible anti-malware services that can remove the Alien Malware as soon as possible, and should change compromised passwords and other credentials without delay.

A Service Dies before Reviving for the Worse

The powerful symbol of a phoenix burning to ashes and reviving in a new flame is just as appropriate for the threat landscape as it is for mythology. Threat actors are re-purposing the once-dead Cerberus spyware to launch a new, seemingly successful, spyware-based service against Android users. Affiliates are free to hire this revamp, the Alien Malware, but gain far more than just a victim's passwords by unleashing it.

Besides being spyware, or a program that collects information from users of the infected systems, the Alien Malware is also a Remote Access Trojan (RAT), or a threat with a remote, network-based backdoor that lets attackers exercise control. The synergy between the two halves is notable: the Alien Malware may collect credentials and then give attackers opportunities to use them locally, on the device, through the TeamViewer application.

Regarding distribution, the Alien Malware also has a worm-reminiscent function. The Trojan includes complete SMS messaging controls and may send SMS-based phishing lures that distribute its installer to other victims on the first victim's contact lists. It even has a pseudo-ransomware attack: a screen-locking function that stops the user from accessing the device until they pay a ransom.

Shoving Extraterrestrials Off of Android Home Soil

Although it has a powerful website-overlaying feature for phishing for logins, the full array of data-collecting features from the Alien Malware encompasses more than just passwords or account credentials. This threat can collect any user-typed data via keylogging and targets some content more narrowly, such as geo-location stats, notifications, contact lists, and any installed applications. Overall, its features are much more comprehensive than Cerberus's previous payloads.

An additional warning from malware researchers confirms that the Alien Malware lacks some of the vulnerabilities that made disinfecting Cerberus easier for Android security solutions. Meanwhile, because the Alien Malware operates as a Spyware-as-a-Service, it may reach the wild through any means an affiliate threat actor desires. Still, the current focus is on Web-based fake updates and similar phishing attacks.

Android users should update their preferred anti-malware services so that they remove the Alien Malware with optimal accuracy. Disinfection should include changing passwords, notifying contacts of potential SMS message-based attacks, and similar steps that limit the chance of the infection leading to hijacked accounts.

The Alien Malware has an impressive set of tools for taking data out of an Android user's hands. Right now, it uses them, mostly, for taking the contents of bank accounts – but there's no telling what the hereafter may hold for such a flexible threat.
