Check your phone! Your bank is the target
I’ve got some urgent news you need to pay attention to. The nefarious Xenomorph Android malware I told you about in February is back in full force — and it’s targeting a whopping 100+ banking and crypto apps. Yeah, that’s just about all the major ones.
The Trojan (like the horse) is now even stealthier. The upgraded Xenomorph is launching a fresh assault on Android users — and there’s a tricky way it’s worming in: Through fake updates.
Get out of here, copycat
Xenomorph uses overlays to make you think you’re logging into your banking or crypto app — then uses details you provided to drain your account. You think everything is fine until you find all your money or crypto wiped out.
How is it spreading? This is interesting. Scammers have a new weapon of choice: Sites that fool you into thinking Chrome needs an update. What you end up downloading is a malicious file loaded with malware.
Guess which apps are in the crosshairs?
- We’re talking major players here like Chase, Citi, Bank of America, Capital One, PNC, Santander, TD Bank and Wells Fargo.
- On the crypto side, Coinbase, Binance and MetaMask aren’t safe.
The cherry on top? The overlays this malware uses to trick you can differ based on your physical location. Not a one-trick pony.
Be on high alert, keep your apps updated, and whatever you do, don’t fall for sketchy Upgrade Chrome messages. Always double-check sources and stick with the official Apple App Store and Google Play Store for downloads.
My words of wisdom: To update your browser, you only need to shut it down and restart. Updates are auto-installed. Don’t trust any site that tells you it’s the place to score the latest version — or tries to convince you that downloading a file is necessary to update your browser.
Stay smart, stay safe and keep those digital shields up! I’ll do my very best to keep you in the loop. Share this critical info you won’t find at the big news sites with someone you care about.
Cryptocurrency wallets: Hot vs. cold wallets and how they work
If you’re dipping your toe into cryptocurrency, you need a wallet. Similar to the physical wallet that holds your cash and cards, a crypto wallet holds your digital assets.
There are two main types of self-custody wallets: A hot wallet that’s web-based and connected to the internet and a cold wallet that’s a specialized piece of hardware.
Another malicious app that could rip you off found in the Google Play Store
When downloading apps to your smartphone or tablet, we would always recommend using the official app stores like Google Play, or the Apple App Store. But, even though these official stores have screenings and fail-safes to try and weed out the malicious apps, sometimes one slips through. That exactly what happened recently. Here is what to look out for.