Investor's Crypto DailyInvestor's Crypto Daily
Font ResizerAa
  • Home
  • Headlines
    • Financial Market News
    • Cryptocurrency News
    • Press Releases
    • My Bookmarks
  • Spotlight Stories
  • Crypto Stock Plays
    • Crypto ETFs, Trusts & Investment Funds
    • Crypto Adjacent Stocks
    • Crypto Futures (Settled in USD)
  • Step Into Crypto
    • Common Crypto Terms
    • Crypto Rules & Regulations
  • Economy
    • Economic News
    • Economic Calendar
  • Join Us
Reading: Malware Targets 180 Banking, Financial and Crypto Apps, Displays Fake Screens To Capture PINs and Take Over Accounts: Cyble
Share
Font ResizerAa
Investor's Crypto DailyInvestor's Crypto Daily
  • Home
  • Headlines
  • Spotlight Stories
  • Crypto Stock Plays
  • Step Into Crypto
  • Economy
  • Join Us
Search
  • Home
  • Headlines
    • Financial Market News
    • Cryptocurrency News
    • Press Releases
    • My Bookmarks
  • Spotlight Stories
  • Crypto Stock Plays
    • Crypto ETFs, Trusts & Investment Funds
    • Crypto Adjacent Stocks
    • Crypto Futures (Settled in USD)
  • Step Into Crypto
    • Common Crypto Terms
    • Crypto Rules & Regulations
  • Economy
    • Economic News
    • Economic Calendar
  • Join Us
Follow US
  • Advertise
© 2024 Investor's Crypto Daily. All Rights Reserved.
Investor's Crypto Daily > Blog > Headlines > Cryptocurrency News > Malware Targets 180 Banking, Financial and Crypto Apps, Displays Fake Screens To Capture PINs and Take Over Accounts: Cyble
Cryptocurrency News

Malware Targets 180 Banking, Financial and Crypto Apps, Displays Fake Screens To Capture PINs and Take Over Accounts: Cyble

Last updated: June 1, 2026 1:06 am
By Ronald Dupree 2 Min Read
Share
SHARE

A new Android banking trojan is targeting more than 180 banking, financial and cryptocurrency applications across 10 countries.

The cybersecurity firm Cyble says the malware is called OverlayPhantom and is being distributed through malicious URLs that impersonate trusted applications.

Cyble says the malware uses a two-stage infection chain, beginning with a dropper app that has impersonated ID Austria, Austria’s official government identity application, and TikTok. Once installed, OverlayPhantom disguises itself as Google Play Services and abuses Android’s Accessibility Service to gain elevated control over the infected device.

The malware targets banking, financial and cryptocurrency apps in the United States, Australia, Germany, France, Belgium, Finland, the Netherlands, Italy, Spain and the United Kingdom.

The firm says OverlayPhantom can execute more than 30 remote commands, conduct real-time screen streaming, display fake overlays and exfiltrate harvested credentials through command-and-control infrastructure.

The malware monitors the victim’s foreground applications and checks whether the app is included in its hardcoded target list. When a match is found, it displays a fake WebView overlay designed to resemble the legitimate application. Those overlays can capture usernames, passwords, card details, PINs and other sensitive information.

According to Cyble, the malware can also simulate gestures, manipulate clipboard content, lock the device screen and display fake notifications. The report says OverlayPhantom uses separate command-and-control ports for command dispatch, device status reporting and screen streaming.

Cyble says the malware has been active since May 2025 and was uncovered during an investigation into government-themed URL impersonation.

Follow us on X @InvCryptoDaily

Don’t Miss a Beat – Subscribe to get email alerts delivered directly to your inbox

___________________

Images May Be Sourced From Pixabay, Creative Commons & Midjourney

This post Malware Targets 180 Banking, Financial and Crypto Apps, Displays Fake Screens To Capture PINs and Take Over Accounts: Cyble may be modified as updates unfold.

Please note, this site provides content for entertainment purposes only and does not offer financial advice. Read more here

You May Also Like:

  • Shibarium Transaction fees soar as network activity…
  • What is a Web3 Wallet? The Beginners Guide to…
  • The Guide to Initial Coin Offerings

You Might Also Like

BRICS Nations China & Brazil pour $1,880,000,000 into Gold in Only One Month as US Bank Reveals Precious metal Price Prediction

Crypto-Trader: Solana Altcoin is primed to plunge further, outlines path forward for Pepe Dogecoin

NFT market cooling significantly: Is there any silver lining?

Luke Gromen, an investor says that Bitcoin will ‘go up’ significantly if BTC is used as a reserve asset by the US. Here’s why.

HashKey CEO: Trump’s crypto policy may be a catalyst for China’s digital assets growth

Share This Article
Facebook Twitter Email Copy Link Print
Previous Article S&P 500 Index forecast: Goldman Sachs, Citi, Yardeni, Morgan Stanley
Next Article Jerome Powell Warns Fed Credibility Is Under Threat
Leave a comment

Click here to cancel reply.

Please Login to Comment.

Stay Connected

TwitterFollow
- Partnered Content -
Ad image

Latest News

Scammer Drains $11,500 From Elderly Virginia Woman After Posing as Wells Fargo Employee
Cryptocurrency News
Salesforce stock has slumped amid SaaSpocalypse concerns: what next?
Financial Market News
Larry Fink Is Bullish on Markets for the Next 12 Months
Cryptocurrency News
Is IBM stock a buy after its historic 25% single-day crash? Here is what analysts say
Financial Market News
//

We support the traditional finance investor’s journey into the cryptocurrency space, using education and traditional terms. Get involved in crypto directly or through adjacent stocks and funds. Time to get off the sidelines.

– Sponsored Spotlight –

Get Around

  • Home
  • Headline News
  • Spotlight Stories
    New
  • Economy
  • Step Into Crypto

Get Involved

  • Advertise With Us
  • Join Us
    Hot
  • My Bookmarks
  • Privacy Policy & Legal Disclaimer
  • Contact US
2024 Investor's Crypto Daily | InvestorsCryptoDaily.com | Privacy
Welcome Back!

Sign in to your account

Lost your password?