November 5, 2024 at 07:57AM A new Android banking malware, ToxicPanda, has infected over 1,500 devices, primarily in Italy. It conducts fraudulent transactions via account takeover and bypasses identity verification. The malware is believed to be linked to a Chinese threat actor and shares similarities with an earlier malware, TgToxic. It targets users through counterfeit … Read more
October 28, 2024 at 02:41PM A hybrid espionage campaign by Russian group UNC5812 targets Ukrainian military recruits with malware disguised as a “recruitment avoidance” app, “Sunspinner.” It spreads via a fake “Civil Defense” persona on Telegram. Google has implemented protective measures but highlights ongoing cyber-warfare threats. Malware includes data theft and spying tools. **Meeting Takeaways: … Read more
October 28, 2024 at 11:36AM A Russian espionage group, UNC5812, has been found delivering malware to the Ukrainian military through a Telegram channel called Civil Defense. The mix includes Windows and Android malware, employing tactics to influence perceptions about military recruitment. It aims to compromise devices via deceptive software and manipulation. **Meeting Takeaways – Oct … Read more
October 28, 2024 at 11:23AM Google has identified a Russian cyberespionage and influence operation aimed at Ukrainian military recruits, utilizing malware affecting Android and Windows devices. The findings highlight ongoing threats to Ukraine amidst the ongoing conflict. **Meeting Takeaways:** 1. **Cybersecurity Alert**: Google has identified a cyberespionage and influence campaign originating from Russia. 2. **Target … Read more
October 15, 2024 at 01:06PM New variants of the TrickMo Android banking trojan now include features to steal unlock patterns or PINs, allowing attacks even when devices are locked. These versions also improve evasion tactics and target a wide range of applications. Mobile banking malware attacks have increased by 29% from June 2023 to April … Read more
October 15, 2024 at 10:32AM In one year, over 200 malicious apps on Google Play were identified, amassing nearly eight million downloads. Key threats included Joker, Adware, and Facestealer. Despite Google’s security measures, malware continues to bypass detection. Users are advised to read reviews and verify app permissions to avoid infection. ### Meeting Takeaways on … Read more
October 14, 2024 at 01:35PM Forty new variants of the TrickMo Android banking trojan have emerged, designed to steal PINs and sensitive data through deceptive screens and various phishing tactics. Linked to 16 droppers and 22 command and control infrastructures, it has impacted at least 13,000 victims, primarily in Canada, UAE, Turkey, and Germany. ### … Read more
September 23, 2024 at 05:38PM The Necro trojan is targeting Android users, potentially affecting millions. Kaspersky discovered the Necro campaign in 2019, exposing numerous devices to malware. Popular apps like Wuta Camera and Max Browser were affected, prompting Google to take action. Malicious modifications for apps like WhatsApp and children’s games are also concerning. Kaspersky … Read more
September 13, 2024 at 08:15AM Cybersecurity researchers have uncovered a new variant of the Android banking trojan TrickMo, designed to evade detection and capture banking credentials. The malware, linked to the TrickBot e-crime gang, features capabilities like screen recording, keystroke logging, and abusing accessibility services for malicious actions. The trojan’s command-and-control server exposed 12 GB … Read more
September 13, 2024 at 06:21AM A newly discovered Android malware, Vo1d, has infected 1.3 million TV boxes running older Android versions. The backdoor malware can fetch and install additional software, exploiting system vulnerabilities. It poses as legitimate OS components and targets countries worldwide. Doctor Web suspects attacks via unofficial firmware or intermediate malware. Google has … Read more