Hundreds of financial & bank apps at risk from the new Nexus Android Trojan

Hundreds of financial & bank apps at risk from the new Nexus Android Trojan

Is yours one of the apps being targeted?

by Kurt Knutsson and Jenna Roach

Cybercriminals are at it once again. An alarming newly released report from the Italian cybersecurity firm Cleafy revealed a new Nexus Android banking trojan capable of targeting a staggering 450 different banking and financial apps.

This new threat serves as a reminder of the constant need for vigilance and proactive measures by you to protect against these malicious cyber attacks.

What does the new Nexus do?

The Nexus trojan is designed to operate stealthily, with the ability to hide from detection and evade security measures. Once installed on your device, the trojan can intercept and steal sensitive data such as login credentials, credit card details, and other financial information. It can also intercept both two-factor authentication codes sent via text and even codes from the Google Authenticator app.


The banking trojan is also able to erase text messages received on an infected device, stop its 2-factor authentication stealer module, and periodically update itself by pinging a cybercriminal-controlled command-and-control server.

How is the Nexus Android banking trojan spread?

The threat intelligence firm Cyble revealed in a blog post that the malware is being distributed through phishing pages disguised as legitimate websites called YouTube Vanced. More and more hackers are gaining access to this malware by using a malware-as-a-service model, which is basically when hackers pay each other for access to more malware.

2-STRESSED MAN ON PHONEOnce Nexus gets access to those bank accounts, it can drain and steal from the bank accounts of victims by performing overlay attacks, which is when a fake version of an app is put on top of a legitimate banking app. So when victims try to log in to their banking accounts on an app, the overlay can capture their username and password. Nexus can also use a keylogger to steal any passwords a user may type in or autofill on their phone.


How can I stay safe from this malware?

Have good antivirus software on all your devices

The best way to stay safe from this malware is to have antivirus software installed on your device.  My top recommendation is TotalAV.  Their product is full of features to keep you safe from malware and protect you when browsing the internet including ransomware protection, real-time antivirus protection, elimination of viruses and malware, a tool to free up your computer’s space, plus more.   Limited-time deal for CyberGuy readers: $19 your first year (80% off)  

Read my review of Best Antivirus software here. 

Be careful where you download apps

You should also remember never to download a third-party app over an official app. Third-party apps always have the risk of infecting your device with malware, so make sure that you’re double-checking that every app you download is legit. Here are a few of my tips to ensure that the apps you download are legitimate and well-reviewed:

Download from official app stores: Always always download apps from official app stores such as Google Play Store or Apple App Store. These app stores have security measures in place to ensure that the apps available for download are legitimate.

Check app ratings and reviews: Before downloading an app, take a look at its rating and read through the reviews. You’ll see that I always include this when I talk about an app. This can give you an idea of the quality of the app and whether other users have had any issues with it.

Research the app and developer: Do some research on the app and its developer to see if they have a good reputation. Look for any red flags, such as poor reviews or reports of scams.

Check permissions: When installing an app, pay attention to the permissions it requests. Be cautious of apps that ask for more permissions than they need to function.

By following these few tips, you can greatly reduce the risk of downloading a malicious or low-quality app and avoid any headaches down the road.

Have you seen anything on this new Nexus banking trojan? Let us know below.



Leave a Comment

Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder