‘BadPack’ APK Files Make Android Malware Hard to Detect

July 17, 2024 at 11:36AM “BadPack,” a set of maliciously packaged APK files, creates challenges for analysts trying to detect and analyze malware in Android applications. The altered header information in BadPack files hampers reverse-engineering tools and has contributed to the rise of Android banking Trojans. Unit 42 researchers have developed methods to detect and …

‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins

July 16, 2024 at 10:10AM A massive ad fraud operation named Konfety has been uncovered, using hundreds of Google Play Store apps to engage in malicious activities. The campaign exploits a mobile advertising SDK associated with a Russia-based ad network, deploying “evil twin” versions of legitimate apps to commit ad fraud, monitor web searches, and …

Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months

July 15, 2024 at 04:27AM In Singapore, retail banks must eliminate one-time passwords (OTPs) for online authentication within three months to combat phishing. The Monetary Authority of Singapore and The Association of Banks in Singapore made the decision. With a rise in scams, customers are urged to activate digital tokens to protect against unauthorized account …

Microsoft Banning Android Phones for Staff in China

July 8, 2024 at 04:18PM In response to a series of breaches and criticism of its cybersecurity practices, Microsoft is implementing a new Secure Future Initiative in China. This includes mandating the use of Apple iPhones instead of Android devices for logging into its corporate network. Employees using Android devices will be provided with an …

Twilio’s Authy App Breach Exposes Millions of Phone Numbers

July 3, 2024 at 11:51PM Twilio, a cloud communications provider, disclosed a mobile security breach in the Authy 2FA app. Threat actors exploited an unauthenticated endpoint to access user data, prompting the company to secure the endpoint. Although no direct system breach was proven, Twilio urged users to upgrade their apps due to possible phishing …

New Medusa malware variants target Android users in seven countries

June 25, 2024 at 01:06PM The Medusa banking trojan, known as TangleBot, has resurfaced with lighter variants targeting countries in Europe and North America. The new activity involves SMS phishing and uses dropper applications to infect devices. The trojan has minimized its permissions, added new features, and is centralizing its operations for easier control. The …

Multiple Threat Actors Deploying Open-Source Rafel RAT to Target Android Devices

June 24, 2024 at 01:30AM Cyber espionage groups are using an Android remote administration tool, Rafel RAT, disguised as popular apps like Instagram and WhatsApp. This tool can perform various malicious activities like data theft and device manipulation. It has been used in cyber attacks targeting high-profile entities across multiple countries. It highlights the need …

Rafel RAT targets outdated Android phones in ransomware attacks

June 22, 2024 at 03:14PM The ‘Rafel RAT’ is an open-source Android malware widely used by cybercriminals to target outdated devices, often using ransomware to demand payment on Telegram. Check Point researchers detected over 120 campaigns using Rafel RAT, with high-profile organizations being targeted, particularly in the United States, China, and Indonesia. It’s crucial to …

Singapore Police Extradites Malaysians Linked to Android Malware Fraud

June 18, 2024 at 03:51AM The Singapore Police Force (SPF) extradited two men from Malaysia linked to a mobile malware campaign. The suspects targeted Android users and used phishing scams to steal personal data and banking information. The SPF, in collaboration with other law enforcement agencies, apprehended 16 cyber criminals and reported over 4,000 victims. …

Arid Viper Launches Mobile Espionage Campaign with AridSpy Malware

June 13, 2024 at 10:25AM The threat actor Arid Viper is behind a mobile espionage campaign using trojanized Android apps to distribute spyware called AridSpy. The campaign targets users in Palestine and Egypt through fake messaging and job opportunity apps. AridSpy is capable of downloading additional payloads and harvesting data from infected devices. From the …