Every week we have to talk about a new virus, malware or Trojan horse that sneaks into our Android phones. Today it is especially dangerous, because it is a malicious program that is disguised as well-known applications and with billions of downloads around the world. It's Zombinder, a malware capable of stealing passwords you use on your mobile phone and that can slip between apps like Netflix or PayPal.
Its operation is intended to deceive users, which, given its simplicity, is quite simple. What's really serious is that it doesn't come in unknown apps, but it takes advantage of the popularity of companies like PayPal, Netflix or Mercadolibre.
Zombinder can be considered one of the most dangerous viruses at the moment. It has shifted from Windows to Android to infiltrate users' smartphones through well-known apps. Zombinder is a tracker capable of knowing everything you do on your smartphone.
This type of virus can record all the keystrokes you make on the screen, so it is very easy for it to extract passwords and all kinds of information from your phone. Plus, when you're working in the background, it's hard to know you're under attack.
This new malware runs a keylogger to collect passwords you use on your phone. But this isn't the worst, it managed to embed malware into legitimate APK files by injecting viruses into the phone while installing what appears to be a legitimate app.
This means that it is possible that you could be infected with it without even realizing it because when apps you installed are working, you would have no doubt unless you detected something strange. You probably wouldn't even realize or imagine that you've ever installed an app with malware.
Zombinder is a "piece" of malicious code that infiltrates apps like Netflix, PayPal, etc. after downloading after installing the app. The user downloads the original application with its functionality, installs it and starts using it. Everything works fine until prompted to download the plugin.plugin
This plugin delivers malicious code by installing Zombinder on the device. Then, the hacker simply has to wait for you to use the device normally and see the recorded data several days later.
Since it is a Trojan that reads information, it is very difficult to know that you are being attacked by a virus. In addition, by working in conjunction with very popular applications, confidence increases. The study that exposed this Trojan indicates that it bypasses Google's security protocols, so users could be completely unprotected.
The "good" news is that it must be downloaded from a third-party website. In other words, the user still has a way to protect themselves by not downloading anything outside of Google Play.