The author of the Xenomorph Android malware, the Hadoken Security Group, continues to improve their malicious code.

In February 2022, researchers from ThreatFabric first spotted the Xenomorph malware, which was distributed via the official Google Play Store reaching over 50,000 installations.

The banking Trojan was used to target 56 European banks and steal sensitive information from the devices of their customers. The analysis of the code revealed the presence of not implemented features and the large amount of logging present, a circumstance that suggests that this threat is under active development.