Hundreds of banking apps at risk from the new Nexus Android trojan

A new online banking threat has the ability to evade security measures and steal your information. Kurt "Cyberguy" Knutsson tells you how you and your information can stay safe.

Hundreds of banking apps at risk from the new Nexus Android trojan

Cybercriminals are at it once again. An alarming newly released report from the Italian cybersecurity firm Cleafy revealed a new Nexus Android banking trojan capable of targeting a staggering 450 different banking and financial apps.

This new threat serves as a reminder of the constant need for vigilance and proactive measures by you to protect against these malicious cyber-attacks.

The Nexus trojan is designed to operate stealthily, with the ability to hide from detection and evade security measures. Once installed on your device, the trojan can intercept and steal sensitive data such as login credentials, credit card details, and other financial information. It can also intercept both two-factor authentication codes sent via text and even codes from the Google Authenticator app.

The banking trojan is also able to erase text messages received on an infected device, stop its 2-factor authentication stealer module, and periodically update itself by pinging a cybercriminal-controlled command-and-control server.

The threat intelligence firm Cyble revealed in a blog post that the malware is being distributed through phishing pages disguised as legitimate websites called YouTube Vanced. More and more hackers are gaining access to this malware by using a malware-as-a-service model, which is basically when hackers pay each other for access to more malware.

Once Nexus gets access to those bank accounts, it can drain and steal from the bank accounts of victims by performing overlay attacks, which is when a fake version of an app is put on top of a legitimate banking app. So when victims try to log in to their banking accounts on an app, the overlay can capture their username and password. Nexus can also use a keylogger to steal any passwords a user may type in or autofill on their phone.

Antivirus software will protect you from accidentally clicking malicious links and will remove any malware from your devices. See my expert review of the best antivirus protection for your Windows, Mac, Android & iOS devices by searching ‘Best Antivirus’ at by clicking the magnifying glass icon at the top of my website.

You should also remember never to download a third-party app over an official app. Third-party apps always have the risk of infecting your device with malware, so make sure that you're double-checking that every app you download is legit. Here are a few of my tips to ensure that the apps you download are legitimate and well-reviewed:

Download from official app stores: Always download apps from official app stores such as Google Play Store or Apple App Store. These app stores have security measures in place to ensure that the apps available for download are legitimate.

Check app ratings and reviews: Before downloading an app, look at its rating and read through the reviews. You'll see that I always include this when I talk about an app. This can give you an idea of the quality of the app and whether other users have had any issues with it.

Research the app and developer: Do some research on the app and its developer to see if they have a good reputation. Look for any red flags, such as poor reviews or reports of scams.

Check permissions: When installing an app, pay attention to the permissions it requests. Be cautious of apps that ask for more permissions than they need to function.

By following these few tips, you can greatly reduce the risk of downloading a malicious or low-quality app and avoid any headaches down the road.

Have you seen anything on this new Nexus banking trojan? Let us know below. 

For more of my tips, subscribe to my free CyberGuy Report Newsletter by clicking the "Free newsletter" link at the top of my website.

Copyright 2023 All rights reserved.