September 28, 2024 at 06:24AM A malicious Android app discovered in the Google Play Store masqueraded as a legitimate WalletConnect protocol to deceive users and steal $70,000 in cryptocurrency. It achieved over 10,000 downloads through fake reviews and consistent branding, impacting over 150 users. The app prompted users to sign transactions, enabling attackers to drain … Read more
September 26, 2024 at 10:20AM A recent attack drained $70,000 from cryptocurrency wallets through a fraudulent app called WalletConnect on Google’s Play Store. The app, posing as the legitimate WalletConnect protocol, targeted web3 users and captured details of victims’ wallets, blockchain, and known addresses. Despite being removed five months later, the incident underlines the need … Read more
September 26, 2024 at 07:51AM French cybersecurity firm Sekoia discovered a long-running cyber espionage campaign, dubbed SilentSelfie, targeting Kurdish websites. The attacks aimed to steal sensitive information using a watering hole technique and various information-stealing frameworks. The campaign, of low sophistication, affected multiple Kurdish sites, indicating a new threat targeting the Kurdish community. The attackers’ … Read more
September 25, 2024 at 01:18PM Google’s shift to memory-safe languages like Rust has reduced memory-safe vulnerabilities in Android from 76% to 24% in six years. Prioritizing secure coding for new features makes codebases safer and cost-effective. The decrease in vulnerabilities is due to the decay of new code’s vulnerabilities and advancements in vulnerability combat. Google … Read more
September 24, 2024 at 12:42PM Altered versions of popular Android apps linked to Spotify, WhatsApp, and Minecraft have been distributing a new iteration of Necro, a known malware loader, with some of these apps even present on the Google Play Store. This sophisticated malware is designed to carry out various malicious activities on infected devices, … Read more
September 24, 2024 at 07:01AM Cybersecurity researchers have uncovered a new version of the Android banking trojan, Octo, named Octo2. It boasts enhanced capabilities for device takeover and fraudulent transactions. The malware has been observed in European countries and is distributed through apps like Europe Enterprise, Google Chrome, and NordVPN. Octo2 is a significant advancement … Read more
September 23, 2024 at 12:06PM Two apps with a total of approximately 11 million downloads from Google Play were found to be infected with the Necro trojan by Kaspersky. The malware was distributed through these apps and unofficial versions of popular apps and games. The trojan can perform various malicious actions, targeting users in several … Read more
September 13, 2024 at 08:15AM Cybersecurity researchers have uncovered a new variant of the Android banking trojan TrickMo, designed to evade detection and capture banking credentials. The malware, linked to the TrickBot e-crime gang, features capabilities like screen recording, keystroke logging, and abusing accessibility services for malicious actions. The trojan’s command-and-control server exposed 12 GB … Read more
September 12, 2024 at 01:12PM Bank customers in Central Asia are under threat from a new Android malware named Ajina.Banker, aimed at stealing financial information and thwarting two-factor authentication. The malware is distributed through Telegram channels and targets countries such as Armenia, Azerbaijan, and Russia. The attackers use localized promotions and themed messages to maximize … Read more
September 9, 2024 at 05:09AM A recent mobile malware campaign known as SpyAgent is targeting Android device users in South Korea and the U.K. Through deceptive apps, it aims to steal mnemonic keys and gain access to cryptocurrency wallets, potentially leading to fund theft. The campaign demonstrates sophisticated evasion techniques and marks a concerning trend … Read more