Anatsa Android Banking Trojan Continues to Spread via Google Play

February 20, 2024 at 07:15AM

Anatsa, an Android banking trojan, has intensified its targeted attacks on mobile banking apps. With over 600 target apps worldwide, Anatsa’s malicious droppers have gained 30,000 installs via Google Play. The trojan allows fraudulent transactions and has expanded its campaign to new regions, evading Google’s Play Store restrictions. ThreatFabric warns …

Android XLoader malware can now auto-execute after installation

February 8, 2024 at 01:40PM

A new version of the XLoader Android malware automatically executes on infected devices without user interaction. Operated by financially motivated threat actor ‘Roaming Mantis,’ it primarily targets users in several countries. Recent variants demonstrate the ability to launch stealthily, extracting sensitive user information and performing custom phishing attacks. McAfee advises …

Chameleon Android Malware Can Bypass Biometric Security

December 22, 2023 at 12:54PM

The Chameleon Android banking trojan, detected by ThreatFabric, has expanded its reach to the UK and Italy from its initial targets in Australia and Poland. The malware employs various tactics, such as phishing pages and accessing Accessibility Services, to perform Account Takeover and Device Takeover attacks, targeting banking and cryptocurrency …

New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia

December 1, 2023 at 08:24AM

Researchers uncovered an Android malware, FjordPhantom, targeting Southeast Asian banking customers via messaging services. It evades detection through virtualization, enabling unauthorized data access without root privileges, by pretending to offer legitimate banking app features while executing malicious activities. …

FjordPhantom Android malware uses virtualization to evade detection

November 30, 2023 at 10:17AM

Promon discovered the FjordPhantom malware, which uses virtualization to conceal its activities as it targets banking apps in Southeast Asia. It spreads via communication platforms and tricks users into downloading fake banking apps, enabling it to steal credentials and manipulate transactions. The malware breached Android’s security concept, posing a high …

Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users

November 30, 2023 at 06:06AM

A mobile security firm discovered a malicious campaign using over 285 Android apps to steal bank credentials and credit card information from Iranian users. The malware, targeting at least 12 banking apps, uses phishing and evasion techniques, with plans to expand to cryptocurrency wallets. Attackers use Telegram and GitHub for …

200+ Malicious Apps on Iranian Android Store Installed by Millions of Banking Users

November 29, 2023 at 05:36AM

An expanded Android malware campaign aimed at Iranian banks now utilizes new evasion techniques and phishing tactics, with over 200 malicious apps identified. The malware seeks extensive permissions and steals credentials, leveraging Android accessibility services. Upgrades include SMS interception and resisting uninstallation, with infected apps receiving updates from GitHub and …

Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users

November 21, 2023 at 03:18AM

A new malware campaign in India targets Android smartphone users through social engineering. Attackers send messages on platforms like WhatsApp and Telegram, impersonating banks and government services. They entice users to install a fraudulent app that steals sensitive data and banking details. The app also intercepts one-time passwords (OTPs) and …

SecuriDropper: New Android Dropper-as-a-Service Bypasses Google’s Defenses

November 6, 2023 at 10:06AM

Researchers have discovered a new dropper-as-a-service (DaaS) for Android called SecuriDropper that bypasses Google’s security restrictions and delivers malware. Dropper malware on Android is a lucrative business for threat actors, allowing them to install malicious payloads on compromised devices. SecuriDropper disguises itself as a harmless app and uses different Android …

Huawei, Vivo phones tag Google app as TrojanSMS-PA malware

October 30, 2023 at 10:51AM

Some Huawei, Honor, and Vivo smartphones and tablets are displaying false ‘Security threat’ alerts, urging users to delete the Google app due to it being detected as malware. The alerts claim that the app is secretly sending SMS messages and recommend immediate uninstallation. Google denies that its Play Protect is …