As reported by The Hacker News, a new Android malware family named Perseus has been discovered actively distributing in the wild, designed for device takeover and financial fraud. This sophisticated malware builds upon the foundations of previous threats like Cerberus and Phoenix, evolving into a more capable platform for compromising Android devices.Perseus is distributed through dropper apps found on phishing sites, masquerading as IPTV services to trick users into sideloading them. Once installed, it leverages Android's accessibility service for real-time monitoring and precise interaction, enabling full device takeover. The malware conducts overlay attacks and captures keystrokes to steal credentials by displaying fake login screens for financial apps and cryptocurrency services.Notably, Perseus also monitors user notes from various applications, aiming to extract high-value personal or financial information. Threat actors may be using large language models in its development, indicated by extensive logging and emojis in the source code. Campaigns have primarily targeted Turkey, Italy, Poland, Germany, France, the U.A.E., and Portugal.Source: The Hacker News
Data Security, Malware
Perseus Android malware evolves from Cerberus and Phoenix for device takeover

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



