i-Sprint Uncovers Sneaky Android Banking Malware, FjordPhantom
New Malware Threat Detected

Promon and i-Sprint recently uncovered a new Android malware spreading across Southeast Asia. Out of the 113 banking apps tested, an alarming 80.5% cannot protect against FjordPhantom.
How Does It Work?


Distribution
- FjordPhantom targets banking customers with deceptive app downloads, using sophisticated social engineering tactics.
- Primarily spreads through email, SMS, and messaging apps


Virtualization
- FjordPhantom employs an unprecedented virtualization technique, eluding user detection and security measures.
- This allows the malware to utilize its hooking framework, enabling multiple apps to operate within the same sandbox


Hooking
- Code Injection: FjordPhantom injects malicious code into banking apps, manipulating Accessibility and GooglePlayServices APIs for detection evasion.
- UI Manipulation: The malware hooks into UI functionality, automatically closing dialog boxes to avoid raising suspicion.
- Stealthy Logging: FjordPhantom strategically places hooks to log target app actions without altering their visible behavior.


Attack
- Orchestrates a comprehensive attack for stealing sensitive information and manipulating user interactions within the app.
- Exploits the virtualized environment to execute real-world fraud, evading conventional security measures
The good news? We’re ahead of the curve.
Our latest release of AppProtect+ includes a powerful solution to detect and neutralize FjordPhantom.
Find Out If Your Company App Holds Up Against Fjordphantom:
OPENING OF UTCC PQC APPLICATION MIGRATION EXCELLENCE CENTER
We're proud to support the UTCC PQC Application Migration Excellence Center Launch in Thailand, bringing together government leaders, industry experts, and cybersecurity practitioners to explore practical approaches to quantum readiness. You're invited! Date & Time: 24 July 2026, 9am to 12:30pm Venue: University of the Thai Chamber of Commerce
i-Sprint x ID BFSI
We're excited to be heading to BFSI Indonesia 2026, where banking and financial services leaders come together to shape the future of the industry. Join i-Sprint Innovations to explore how modern identity security helps organizations strengthen digital trust, enhance customer experiences, and stay ahead of evolving cyber threats.

