December 5, 2024 at 04:08PM The Android RAT “DroidBot” features keylogging and data monitoring, targeting banks and organizations. Active since mid-2024, it’s linked to 17 affiliate groups and 77 attacks in Europe, with plans to expand into Latin America. Researchers warn its evolution into malware-as-a-service poses greater cybersecurity threats. ### Meeting Notes Takeaways: 1. **Emergence … Read more
November 7, 2024 at 04:47AM ToxicPanda, an Android banking trojan with connections to China, is currently targeting more than a dozen banks across Europe and Latin America. ### Meeting Notes Takeaways – **Subject**: ToxicPanda Android Banking Trojan – **Origin**: Linked to China – **Targeted Regions**: – Europe – Latin America – **Impact**: Affects over a … Read more
August 5, 2024 at 01:24AM Cybersecurity researchers have discovered BlankBot, a new Android banking trojan targeting Turkish users to steal financial information. The malware employs various malicious capabilities, including customer injections, keylogging, and screen recording, and communicates with a control server over WebSocket connection. It also bypasses security features introduced in Android 13. Google is … Read more
May 1, 2024 at 08:27AM QAX XLab has uncovered the Wpeeper Android trojan that utilizes a multi-level command-and-control (C&C) infrastructure, with hacked WordPress sites acting as redirectors. The malware incorporates HTTPS communication, encryption, and an elliptic signature. Although its activity abruptly ceased after receiving a self-deletion command, it is likely to resurface as the repackaged … Read more
April 26, 2024 at 10:18AM Newly identified Android Trojan, Brokewell, poses significant threat by stealing user information and granting attackers control over infected devices. Disguised as fake updates, it can steal credentials and browser cookies, log device events, act as spyware, and facilitate screen streaming. ThreatFabric warns of potential widespread impact and continual evolution of … Read more
April 18, 2024 at 07:36AM A new Android trojan named SoumniBot is targeting users in South Korea by exploiting vulnerabilities in manifest extraction. It evades analysis through unconventional approaches, including obfuscating the Android manifest. The malware collects sensitive data, manipulates device settings, and searches for digital signature certificates. Its developers successfully complicate detection through insufficiently … Read more
February 15, 2024 at 09:02AM Cybercriminals have targeted iOS users by distributing trojanized smartphone apps, named GoldPickaxe and GoldPickaxe.iOS, in Vietnam and Thailand. These apps collect biometric data and intercept SMS messages to access bank accounts. They use deepfake technology and social engineering to steal identities and break into victims’ banks. This reveals the maturity … Read more