Researchers have discovered a new Android trojan called Perseus that hides inside IPTV streaming apps to steal passwords, banking data, and spy on users’ personal notes. Perseus, active in Turkey and Italy, uses overlays, keylogging, and note-extraction—targeting apps like Google Keep and Evernote—and builds on leaked Cerberus code. #Perseus #Cerberus
Keypoints
- Perseus is disguised inside IPTV-style streaming apps often sideloaded outside official app stores.
- The trojan captures credentials using overlay attacks and keylogging in real time.
- It specifically scans for and extracts content from note-taking apps like Google Keep, Evernote, and Simple Notes.
- Perseus incorporates leaked code from older banking trojans such as Cerberus and is active in Turkey and Italy.
- Researchers note Android banking trojans are evolving, with related threats like Herodotus and Crocodilus using advanced evasion and manipulation techniques.
Read More: https://therecord.media/malware-streaming-apps-android