i-Sprint Uncovers Sneaky Android Banking Malware, FjordPhantom

New Malware Threat Detected

Promon and i-Sprint recently uncovered a new Android malware spreading across Southeast Asia. Out of the 113 banking apps tested, an alarming 80.5% cannot protect against FjordPhantom.

How Does It Work?

Distribution

  • FjordPhantom targets banking customers with deceptive app downloads, using sophisticated social engineering tactics.
  • Primarily spreads through email, SMS, and messaging apps

Virtualization

  • FjordPhantom employs an unprecedented virtualization technique, eluding user detection and security measures.
  • This allows the malware to utilize its hooking framework, enabling multiple apps to operate within the same sandbox

Hooking

  • Code Injection: FjordPhantom injects malicious code into banking apps, manipulating Accessibility and GooglePlayServices APIs for detection evasion.
  • UI Manipulation: The malware hooks into UI functionality, automatically closing dialog boxes to avoid raising suspicion.
  • Stealthy Logging: FjordPhantom strategically places hooks to log target app actions without altering their visible behavior.

Attack

  • Orchestrates a comprehensive attack for stealing sensitive information and manipulating user interactions within the app.
  • Exploits the virtualized environment to execute real-world fraud, evading conventional security measures

The good news? We’re ahead of the curve.

Our latest release of AppProtect+ includes a powerful solution to detect and neutralize FjordPhantom.

Find Out If Your Company App Holds Up Against Fjordphantom:

TALK TO A SPECIALIST

1
keyboard_arrow_leftPrevious
Nextkeyboard_arrow_right
FormCraft - WordPress form builder

OPENING OF UTCC PQC APPLICATION MIGRATION EXCELLENCE CENTER

July 7, 2026|

We're proud to support the UTCC PQC Application Migration Excellence Center Launch in Thailand, bringing together government leaders, industry experts, and cybersecurity practitioners to explore practical approaches to quantum readiness. You're invited! Date & Time: 24 July 2026, 9am to 12:30pm Venue: University of the Thai Chamber of Commerce

i-Sprint x ID BFSI

July 7, 2026|

We're excited to be heading to BFSI Indonesia 2026, where banking and financial services leaders come together to shape the future of the industry. Join i-Sprint Innovations to explore how modern identity security helps organizations strengthen digital trust, enhance customer experiences, and stay ahead of evolving cyber threats.