Android/Trojan.Dropper.Xeno

ThreatDown is now the name of the Malwarebytes line of business products. References to Malwarebytes below reflect the amazing technology used to first identify the threat.

Short bio

Android/Trojan.Dropper.Xeno is Malwarebytes’ detection name for a modular Android banker Trojan.

Type of infection

Android/Trojan.Dropper.Xeno opens an overlay for legitimate banking apps, mail clients, and cryptocurrency wallets. It uses these overlays to send entered data like usernames and passwords to the threat actor. Android/Trojan.Dropper.Xeno was available in the Google Play Store.

Malicious behavior

Android/Trojan.Dropper.Xeno needs Accessiblity Services privileges, which it insistently requests after being started.

Protection

Malwarebytes for Android protects against Android/Trojan.Dropper

Home remediation

These apps can be uninstalled using the mobile devices uninstall functionality, the tricky part is identifying the offending behavior and app. That is where Malwarebytes for Android can help by identifying these apps and remove.

Similiar detections

Trojan.Agent.VBS TrojanAgentVBSblock Trojan.MisplacedLegit.AutoIt TrojanMisplacedLegitAutoItblock Agent.Trojan.Downloader.DDS Android/Trojan.Agent.prn1 Trojan.CoinMiner TrojanCoinMinerblock Trojan.DarkGate Trojan.BrowserAssistant View all Trojan detections >

Products

Services

Why ThreatDown

Get Help

Managed Services Terms & Conditions

Detection Details