December 13, 2024 at 12:49PM Russian cyberspies Gamaredon are using two Android spyware families, BoneSpy and PlainGnome, to target Russian-speaking individuals in former Soviet states. BoneSpy has been active since 2021, while PlainGnome emerged in 2024. Both malware types collect extensive data from mobile devices, highlighting Gamaredon’s evolved tactics in digital surveillance. **Meeting Takeaways:** 1. … Read more
December 4, 2024 at 06:20PM A new Android malware called ‘DroidBot’ targets over 77 cryptocurrency exchanges and banking apps across the UK, Italy, France, Spain, and Portugal to steal user credentials. **Meeting Takeaways:** 1. **Introduction of New Malware:** A new Android banking malware called ‘DroidBot’ has been identified. 2. **Targeted Applications:** The malware specifically aims … Read more
December 4, 2024 at 01:33PM A new Android banking malware, ‘DroidBot,’ targets over 77 cryptocurrency and banking apps in Europe. Active since June 2024, it operates as a malware-as-a-service platform, facilitating attacks for affiliates. Key features include keylogging and SMS interception. Users are urged to download apps from Google Play and review permissions carefully. ### … Read more
November 5, 2024 at 07:57AM A new Android banking malware, ToxicPanda, has infected over 1,500 devices, primarily in Italy. It conducts fraudulent transactions via account takeover and bypasses identity verification. The malware is believed to be linked to a Chinese threat actor and shares similarities with an earlier malware, TgToxic. It targets users through counterfeit … Read more
October 28, 2024 at 02:41PM A hybrid espionage campaign by Russian group UNC5812 targets Ukrainian military recruits with malware disguised as a “recruitment avoidance” app, “Sunspinner.” It spreads via a fake “Civil Defense” persona on Telegram. Google has implemented protective measures but highlights ongoing cyber-warfare threats. Malware includes data theft and spying tools. **Meeting Takeaways: … Read more
October 28, 2024 at 11:36AM A Russian espionage group, UNC5812, has been found delivering malware to the Ukrainian military through a Telegram channel called Civil Defense. The mix includes Windows and Android malware, employing tactics to influence perceptions about military recruitment. It aims to compromise devices via deceptive software and manipulation. **Meeting Takeaways – Oct … Read more
October 28, 2024 at 11:23AM Google has identified a Russian cyberespionage and influence operation aimed at Ukrainian military recruits, utilizing malware affecting Android and Windows devices. The findings highlight ongoing threats to Ukraine amidst the ongoing conflict. **Meeting Takeaways:** 1. **Cybersecurity Alert**: Google has identified a cyberespionage and influence campaign originating from Russia. 2. **Target … Read more
October 15, 2024 at 01:06PM New variants of the TrickMo Android banking trojan now include features to steal unlock patterns or PINs, allowing attacks even when devices are locked. These versions also improve evasion tactics and target a wide range of applications. Mobile banking malware attacks have increased by 29% from June 2023 to April … Read more
October 15, 2024 at 10:32AM In one year, over 200 malicious apps on Google Play were identified, amassing nearly eight million downloads. Key threats included Joker, Adware, and Facestealer. Despite Google’s security measures, malware continues to bypass detection. Users are advised to read reviews and verify app permissions to avoid infection. ### Meeting Takeaways on … Read more
October 14, 2024 at 01:35PM Forty new variants of the TrickMo Android banking trojan have emerged, designed to steal PINs and sensitive data through deceptive screens and various phishing tactics. Linked to 16 droppers and 22 command and control infrastructures, it has impacted at least 13,000 victims, primarily in Canada, UAE, Turkey, and Germany. ### … Read more