December 5, 2024 at 08:29AM A new Android remote access trojan (RAT) named DroidBot targets 77 banks and exchanges, primarily in Europe, with plans to expand to Latin America. It features advanced capabilities like keylogging and overlay attacks, distributed via fake security apps. Offered as malware-as-a-service, affiliates can manage infected devices for various malicious actions. … Read more
August 1, 2024 at 09:06AM Italian cybersecurity firm Cleafy discovered an Android remote access trojan (RAT) called BingoMod. It’s capable of fraudulent money transfers and device wiping to erase malware traces. The RAT, attributed to a Romanian-speaking threat actor, uses remote access to exploit on-device fraud, and the malware is under active development. BingoMod employs … Read more
July 9, 2024 at 07:07AM Ongoing surveillanceware operation targets military personnel in Middle East with Android data-gathering tool GuardZoo. More than 450 victims impacted, mainly in Yemen. GuardZoo, a modified version of Dendroid RAT, has over 60 commands and uses WhatsApp for distribution. It has been using the same dynamic DNS domains for C2 operations … Read more