Nexus is the name of a new malware that infects Android devices. Billed $3000/month to hackers, this software is able to steal your bank account despite double authentication. Caution is required!
Every month, you probably pay for a subscription to a streaming service like Netflix or gaming with the Xbox Game Pass, the 1 euro offer of which has just ended. But hackers are also enjoying this business model by offering MaaS subscriptions for malware-as-a-service. Subscribers then have access to a regularly updated Trojan horse. The latest called Nexus is just doing a lot of damage to the bank accounts of Android users.
To read > BNP Paribas, LCL, Crédit Mutuel, Société Générale… French banks targeted by the Xenomorph malware
Malware capable of bypassing double authentication
Nexus is a botnet available on a hacker forum since last January but dated June 2022 according to cybersecurity firm Cleafy. Unlike legal services like Netflix, its price is not a handful of euros per month but 3000$/month.
But what exactly does Nexus do? According to Cleafy, the malware installed on Android devices allows to steal banking application passwords. Even those protected by two-factor authentication (2FA). This malware is able to access SMS codes or Google Authenticator. Suffice to say that this pirate software breaks down all security barriers with formidable efficiency.
Hackers even have access to a C2 web panel since Nexus connects to a C2 server from the infected device. Attacks can then be carried out with the possibility of receiving the stolen data for cybercriminals.
If Cleafy believes that this malware resembles another discovered in 2022, it is still of a new attack led by a new group of pirates.
To read > WhatsApp, Telegram: Windows and Android targeted by pirate versions that copy your clipboard, beware danger!
How do I protect myself against Nexus?
It is a vital rule, Avoid downloading Android apps outside of the Play Store. If not all of them are compromised, of course, you expose yourself to possible problems by installing these APIs. Nexus can lurk there and do great damage to your personal life, no app is worth taking unnecessary risks.
If your bank account is hacked, immediately contact the support of your bank which is usually available 24 hours a day in case of emergency.
