Malware Analysis: Nexus

Illustration - accompanying a threat report of Nexus Malware

Protect Customers and Android Devices Against Nexus Malware

Nexus malware is an Android banking trojan promoted as a malware-as-a-service (MaaS) offering that can be used for account takeover (ATO) attacks. This banking trojan was first uncovered in June 2022. An analysis of malware samples found the source code of the project is relatively new — but its “threat actors” include over 450 targets.

While this malware is relatively new, it is already being used in some attack campaigns. Further, applications of Nexus malware are signed meaning they are more likely to go undetected by antivirus engines.

Download our threat report which reveals how Nexus malware can:

  • Perform overlay attacks and keylogger takeovers of bank and cryptocurrency accounts
  • Read two-factor authentication (2FA) codes and delete SMS messages
  • Request access to system functions apparently unrelated to its function, such as control of infected devices’ cameras

Stay one step ahead of cybercriminals and keep your customers and their devices safe from this dangerous banking trojan. Download our free report now and stay informed on the latest security threats.

Download the report!

Download this Resource

Sign up for our newsletter

Stay Up-to-Date on Financial Risk Management