Cybercriminals Developing BugDrop Malware to Bypass Android Security Features

In a sign that malicious actors continue to find ways to work around Google Play Store security protections, researchers have spotted a previously undocumented Android dropper trojan that’s currently in development. “This new malware tries to abuse devices using a novel technique, not seen before in Android malware, to spread the extremely dangerous Xenomorph banking […]

SOVA Android Banking Trojan Returns With New Capabilities and Targets

The SOVA Android banking trojan is continuing to be actively developed with upgraded capabilities to target no less than 200 mobile applications, including banking apps and crypto exchanges and wallets, up from 90 apps when it started out. That’s according to the latest findings from Italian cybersecurity firm Cleafy, which found newer versions of the […]

4TB of confidential data, firmware code of Cellebrite TFS and Cellebrite Mobilogy leaked. UFED tool can be used to unlock any iPhone or Android

A threat actor has leaked 4TB of confidential data from Cellebrite, an Israeli digital intelligence company. Cellebrite is an Israeli company specializing in providing forensic tools to security forces and companies, such as extracting data from an encrypted iPhone or Android mobile. It offers services to collect, review, analyze, and manage digital data. Its tools […]

Google Patches Critical Android Flaw

Google released a security alert on Monday outlining the most recent batch of Android operating system upgrades. There have been fixes for thirty-two vulnerabilities, including a serious flaw that might allow Bluetooth to be used for remote code execution. The flaw, tracked as CVE-2022-20345, affects the System component. Updates for Android 12 and […]

Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware

A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users’ devices with banking malware. These 17 dropper apps, collectively dubbed DawDropper by Trend Micro, masqueraded as productivity and utility apps such as document scanners, QR code readers, VPN services, and call recorders, among others. All these apps in […]

These 28+ Android Apps with 10 Million Downloads from the Play Store Contain Malware

As many as 30 malicious Android apps with cumulative downloads of nearly 10 million have been found on the Google Play Store distributing adware. “All of them were built into various programs, including image-editing software, virtual keyboards, system tools and utilities, calling apps, wallpaper collection apps, and others,” Dr.Web said in a Tuesday write-up. While […]

Roaming Mantis Financial Hackers Targeting Android and iPhone Users in France

The mobile threat campaign tracked as Roaming Mantis has been linked to a new wave of compromises directed against French mobile phone users, months after it expanded its targeting to include European countries. No fewer than 70,000 Android devices are said to have been infected as part of the active malware operation, Sekoia said in […]

Roaming Mantis Hackers Group Attack Android & iOS Users to Deploy Malware

Following its attacks against users in the following countries, the Roaming Mantis operation has now attacked users in France with Android and iOS devices: Germany, Taiwan, South Korea, Japan, the US, and the UK. Targeting around tens of thousands of users per day, Roaming Mantis has been going after a variety of European users since as early as February. […]

Russian Hackers Tricked Ukrainians with Fake “DoS Android Apps to Target Russia”

Russian threat actors capitalized on the ongoing conflict against Ukraine to distribute Android malware camouflaged as an app for pro-Ukrainian hacktivists to launch distributed denial-of-service (DDoS) attacks against Russian sites. Google Threat Analysis Group (TAG) attributed the malware to Turla, an advanced persistent threat also known as Krypton, Venomous Bear, Waterbug, and Uroburos, and linked […]

New Android Malware on the Google Play Store with Over 3 Million Downloads

A new Android malware called ‘Autolycos’, installed over 3 million times, is circulating on the Google Play Store and secretly subscribing users to its premium services. Maxime Ingrao, a security researcher at Evina, found the new Android malware ‘Autolycos’, which is available on the Google Play Store at present. There are two applications that are still […]

Tutorial for pentesting Android apps using the free ZANTI toolkit

In this tutorial, the specialists of the Cyber Security 360 course of the International Institute of Cyber Security (IICS) will show us how to use ZANTI, a pentesting tool that allows attacks against a certain network, in addition to operating routers, auditing passwords, creating and running HTTP servers, scanning devices for open ports, and more. […]

Revive – An Android Malware Intercepting All SMS To Steal 2FA/OTP

Cybersecurity experts at Cleafy TIR team have recently discovered a new Android banking malware called Revive. It has been discovered that this banking malware mimics a 2FA app that requires users in Spain to log into their BBVA bank accounts. In contrast with the original banking trojan, this new variant employs a more targeted attack […]

BRATA Android Malware Gains Advanced Mobile Threat Capabilities

The operators behind BRATA have once again added more capabilities to the Android mobile malware in an attempt to make their attacks against financial apps more stealthy. “In fact, the modus operandi now fits into an Advanced Persistent Threat (APT) activity pattern,” Italian cybersecurity firm Cleafy said in a report last week. “This term is […]

MaliBot: A New Android Banking Trojan Spotted in the Wild

A new strain of Android malware has been spotted in the wild targeting online banking and cryptocurrency wallet customers in Spain and Italy, just weeks after a coordinated law enforcement operation dismantled FluBot. The information stealing trojan, codenamed MaliBot by F5 Labs, is as feature-rich as its counterparts, allowing it to steal credentials and cookies, […]

Chinese Hackers Install Backdoors in iOS/Android Web3 Wallets

A highly sophisticated threat actor has been observed targeting Android and iOS users in an attempt to spread backdoored apps filled with malicious code designed to drain users’ funds. Digital advertising security company Confiant has uncovered and reported on this previously unreported campaign, which it has dubbed SeaFlower. This malicious campaign is replicated from websites […]

Chinese Hackers Distribute Backdoored Web3 Wallets for iOS and Android Users

A technically sophisticated threat actor known as SeaFlower has been targeting Android and iOS users as part of an extensive campaign that mimics official cryptocurrency wallet websites intending to distribute backdoored apps that drain victims’ funds. Said to be first discovered in March 2022, the cluster of activity “hint[s] to a strong relationship with a […]

SMSFactory Android Malware Tricks Victims into Subscribing to Premium Services

Security experts have warned about malware first identified as SMSFactory, an Android-based threat. Through the malware, victims are subscribed to expensive premium services at an unnecessary cost. While Avast has not disclosed how many victims have been affected by the attack, there have been hundreds of attempts […]

A New Linux-based Botnet Targeting Vulnerabilities in Web Servers & Android Servers

Currently, a new botnet extends its reach with the help of code originating from various pieces of malware. The company is doing so by rapidly adding exploits for several vulnerabilities recently identified in the following: web servers, content management systems, IoT, and Android devices. As of March, when the latest analysis of the botnet emerged, […]