Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

September 26, 2024 at 07:51AM French cybersecurity firm Sekoia discovered a long-running cyber espionage campaign, dubbed SilentSelfie, targeting Kurdish websites. The attacks aimed to steal sensitive information using a watering hole technique and various information-stealing frameworks. The campaign, of low sophistication, affected multiple Kurdish sites, indicating a new threat targeting the Kurdish community. The attackers’ … Read more

Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%

September 25, 2024 at 01:18PM Google’s shift to memory-safe languages like Rust has reduced memory-safe vulnerabilities in Android from 76% to 24% in six years. Prioritizing secure coding for new features makes codebases safer and cost-effective. The decrease in vulnerabilities is due to the decay of new code’s vulnerabilities and advancements in vulnerability combat. Google … Read more

Necro Android Malware Found in Popular Camera and Browser Apps on Play Store

September 24, 2024 at 12:42PM Altered versions of popular Android apps linked to Spotify, WhatsApp, and Minecraft have been distributing a new iteration of Necro, a known malware loader, with some of these apps even present on the Google Play Store. This sophisticated malware is designed to carry out various malicious activities on infected devices, … Read more

New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities

September 24, 2024 at 07:01AM Cybersecurity researchers have uncovered a new version of the Android banking trojan, Octo, named Octo2. It boasts enhanced capabilities for device takeover and fraudulent transactions. The malware has been observed in European countries and is distributed through apps like Europe Enterprise, Google Chrome, and NordVPN. Octo2 is a significant advancement … Read more

Necro Trojan Infects Google Play Apps With Millions of Downloads

September 23, 2024 at 12:06PM Two apps with a total of approximately 11 million downloads from Google Play were found to be infected with the Necro trojan by Kaspersky. The malware was distributed through these apps and unofficial versions of popular apps and games. The trojan can perform various malicious actions, targeting users in several … Read more

TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud

September 13, 2024 at 08:15AM Cybersecurity researchers have uncovered a new variant of the Android banking trojan TrickMo, designed to evade detection and capture banking credentials. The malware, linked to the TrickBot e-crime gang, features capabilities like screen recording, keystroke logging, and abusing accessibility services for malicious actions. The trojan’s command-and-control server exposed 12 GB … Read more

New Android Malware ‘Ajina.Banker’ Steals Financial Data and Bypasses 2FA via Telegram

September 12, 2024 at 01:12PM Bank customers in Central Asia are under threat from a new Android malware named Ajina.Banker, aimed at stealing financial information and thwarting two-factor authentication. The malware is distributed through Telegram channels and targets countries such as Armenia, Azerbaijan, and Russia. The attackers use localized promotions and themed messages to maximize … Read more

New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys

September 9, 2024 at 05:09AM A recent mobile malware campaign known as SpyAgent is targeting Android device users in South Korea and the U.K. Through deceptive apps, it aims to steal mnemonic keys and gain access to cryptocurrency wallets, potentially leading to fund theft. The campaign demonstrates sophisticated evasion techniques and marks a concerning trend … Read more

SpyAgent Android malware steals your crypto recovery phrases from images

September 6, 2024 at 11:29AM SpyAgent, a new Android malware, uses OCR technology to steal cryptocurrency recovery phrases from mobile screenshots, compromising wallet security. McAfee uncovered the malware in 280 non-Google Play APKs distributing via SMS or malicious social media. It targets South Korea and may expand to the UK, with a possible iOS variant … Read more

SpyAgent Android malware steals crypto recovery phrases from images

September 6, 2024 at 11:22AM A new Android malware called SpyAgent utilizes OCR to extract cryptocurrency wallet recovery phrases from images stored on mobile devices. Based on the meeting notes, it seems that a new Android malware called SpyAgent has been identified. This malware uses optical character recognition (OCR) technology to extract cryptocurrency wallet recovery … Read more