FjordPhantom Android Malware: Evading Detection and Targeting Southeast Asian Banking Apps
Originally Published 2 years ago — by BleepingComputer

FjordPhantom, a new Android malware, has been discovered using virtualization to run malicious code in a container and evade detection. The malware spreads through emails, SMS, and messaging apps, targeting banking apps in Southeast Asian countries. FjordPhantom tricks victims into downloading seemingly legitimate banking apps that contain malicious code running in a virtual environment. It aims to steal online bank account credentials and manipulate transactions. By incorporating a virtualization solution, the malware breaks the Android Sandbox security concept and can inject its code into trusted processes. This sneaky attack method bypasses code tampering detection and hampers root-related security checks. The malware's active development raises concerns about its potential expansion to other countries.