Germany Sinkholes Botnet of 30,000 BadBox-Infected Devices

December 13, 2024 at 06:26AM Germany’s Federal Office for Information Security reported that over 30,000 media devices sold with pre-installed BadBox malware became part of a botnet. The agency has disrupted communication between infected devices and their command servers, advising users to disconnect and scan devices, while working with internet providers to address the issue.

Chinese Cops Caught Using Android Spyware to Track Mobile Devices

December 12, 2024 at 04:35PM EagleMsgSpy, a surveillance tool developed by a Chinese company for law enforcement, has been scraping sensitive data from Android devices since 2017. It requires physical access to install and is not available in app stores. Researchers indicate potential iOS versions exist, and the spyware is continuously developed to avoid detection.

Google Launches Open-Source Patch Validation Tool

December 9, 2024 at 07:34PM Google’s Vanir tool enhances Android security patch validation by automating the identification of missing updates through static code analysis. Covering 95% of known vulnerabilities with a 97% accuracy rate, it significantly reduces patch fix time, offering efficiency improvements for manufacturers and potential adaptability for other platforms.

FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine

December 6, 2024 at 11:24AM A Russian programmer’s Android device was secretly infected with spyware by the FSB after his detention for allegedly donating to Ukraine. The spyware, disguised as a legitimate app, enables extensive data collection. This incident highlights the risks associated with security services gaining custody of personal devices.

This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

December 5, 2024 at 11:15AM A new Android remote access trojan (RAT) called DroidBot targets 77 banking institutions and organizations. Disguised as security apps, it utilizes keylogging and UI monitoring. Active since June 2024, it operates on a Malware-as-a-Service model, with affiliates customizing the malware for attacks predominantly across Europe.

‘Earth Minotaur’ Exploits WeChat Bugs, Sends Spyware to Uyghurs

December 5, 2024 at 11:12AM Researchers at Trend Micro have identified a cyber-threat operation, Earth Minotaur, targeting the Tibetan and Uyghur communities using the Moonshine exploit kit. This operation delivers the DarkNimbus spyware to Android and Windows devices, stealing personal data and monitoring activities. Users are advised to exercise caution and update applications regularly.

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

December 5, 2024 at 08:39AM The Earth Minotaur threat cluster uses the MOONSHINE exploit kit and the DarkNimbus backdoor to target Tibetans and Uyghurs through social engineering and phishing methods. It exploits Chromium vulnerabilities, facilitating long-term surveillance on Android and Windows devices, while affecting numerous countries and employing advanced malware tools.

MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

December 5, 2024 at 02:38AM Trend Micro researchers uncovered the Earth Minotaur group utilizing the MOONSHINE exploit kit, targeting vulnerabilities in instant messaging apps, particularly against Tibetan and Uyghur communities. They discovered an Android backdoor, DarkNimbus, which also runs on Windows. MOONSHINE has evolved since 2019, with over 55 identified servers by 2024.

Android’s December 2024 Security Update Patches 14 Vulnerabilities

December 4, 2024 at 07:02AM Google released December 2024 security updates for Android, addressing 14 high-severity vulnerabilities, including a critical remote code execution flaw. The updates cover Android versions 12 through 15. Users are encouraged to update devices promptly; no exploitation has been reported. No security updates were included for Android Automotive OS and Wear …

New Google Pixel AI feature analyzes phone conversations for scams

November 13, 2024 at 01:07PM Google introduces two new features for Pixel devices: an AI-powered scam detection system that identifies potential scammers during calls and a real-time threat detection in Google Play Protect to alert users about unsafe apps. These features enhance Android security by analyzing conversations and scanning for harmful applications.