Google Patches New Android Kernel Vulnerability Exploited in the Wild

August 6, 2024 at 02:24AM

Google has addressed a high-severity security flaw in the Android kernel, identified as CVE-2024-36971, acknowledging its active exploitation. The patch also includes fixes for 47 flaws, with indications that the vulnerability may be exploited in targeted attacks. The company is collaborating with OEM partners to apply fixes where applicable. The …

Google fixes Android kernel zero-day exploited in targeted attacks

August 5, 2024 at 06:43PM

This month’s Android security updates address 46 vulnerabilities, encompassing a high-severity remote code execution (RCE) flaw that has been exploited in targeted attacks. …

Sophisticated Android Spyware Targets Users in Russia

August 5, 2024 at 04:32PM

An unknown state-sponsored threat actor has been using the new mobile spyware tool LianSpy to spy on Android smartphone users for at least three years, with a focus on Russia. The attackers exploit vulnerabilities to root devices or gain physical access. LianSpy silently monitors user activity, exfiltrating data via public …

New BlankBot Android Trojan Can Steal User Data

August 2, 2024 at 08:12AM

The new Android trojan, BlankBot, discovered by Intel 471, poses a significant threat to users. It disguises itself as utility applications, targeting Turkish Android users and potentially expanding to other countries. Once installed, it gains control of the device, logging sensitive information and executing custom attacks. The trojan communicates with …

BingoMod Android RAT Wipes Devices After Stealing Money

August 1, 2024 at 08:06AM

A new Android-targeting remote access trojan named BingoMod, discovered by Cleafy, is designed to steal user information and money through account takeover tactics. The malware, likely developed by Romanian speakers, attempts to lower its detection rate by experimenting with obfuscation techniques. BingoMod also allows threat actors remote device control and …

Massive SMS stealer campaign infects Android devices in 113 countries

July 30, 2024 at 05:31PM

A global Android-targeting malware campaign utilizes thousands of Telegram bots to spread SMS-stealing malware, compromising over 600 services’ one-time passwords. Zimperium researchers uncovered this operation, tracking at least 107,000 malware samples since February 2022. Cybercriminals exploit infected devices for financial gain and use the malware to transmit captured messages to …

New Mandrake Spyware Found in Google Play Store Apps After Two Years

July 30, 2024 at 10:04AM

A new version of the sophisticated Android spyware Mandrake has been discovered in five apps on Google Play Store, remaining undetected for two years. The malware includes obfuscation and evasion techniques and can collect device information, initiate screen sharing, and steal credentials. Researchers emphasize the evolving threat and Google’s continuous …

Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware

July 19, 2024 at 06:33AM

A pro-Houthi threat group known as OilAlpha targeted humanitarian organizations in Yemen with Android spyware, posing as entities like CARE International and the Norwegian Refugee Council. Recorded Future’s Insikt Group noted that the group seeks to gather sensitive data and carry out espionage, possibly to control aid delivery. This follows …

‘BadPack’ APK Files Make Android Malware Hard to Detect

July 17, 2024 at 11:36AM

“BadPack,” a set of maliciously packaged APK files, creates challenges for analysts trying to detect and analyze malware in Android applications. The altered header information in BadPack files hampers reverse-engineering tools and has contributed to the rise of Android banking Trojans. Unit 42 researchers have developed methods to detect and …

Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months

July 15, 2024 at 04:27AM

In Singapore, retail banks must eliminate one-time passwords (OTPs) for online authentication within three months to combat phishing. The Monetary Authority of Singapore and The Association of Banks in Singapore made the decision. With a rise in scams, customers are urged to activate digital tokens to protect against unauthorized account …