September 6, 2024 at 11:29AM SpyAgent, a new Android malware, uses OCR technology to steal cryptocurrency recovery phrases from mobile screenshots, compromising wallet security. McAfee uncovered the malware in 280 non-Google Play APKs distributing via SMS or malicious social media. It targets South Korea and may expand to the UK, with a possible iOS variant … Read more
September 6, 2024 at 11:22AM A new Android malware called SpyAgent utilizes OCR to extract cryptocurrency wallet recovery phrases from images stored on mobile devices. Based on the meeting notes, it seems that a new Android malware called SpyAgent has been identified. This malware uses optical character recognition (OCR) technology to extract cryptocurrency wallet recovery … Read more
September 4, 2024 at 10:12AM Google has released its monthly security updates for the Android operating system to address a high-severity vulnerability (CVE-2024-32896) related to privilege escalation in the Android Framework component. The vulnerability has been actively exploited and impacts the entire Android ecosystem. Users are advised to update their devices to protect against potential … Read more
September 3, 2024 at 06:48AM A new Android banking trojan named Rocinante targets mobile users in Brazil, capable of keylogging and stealing personal information from victims. The malware can masquerade as various banking apps and is linked to a threat actor known as DukeEugene. Symantec also highlighted a banking trojan campaign targeting Spanish and Portuguese-speaking … Read more
August 26, 2024 at 12:54AM Researchers have discovered new Android malware, NGate, aimed at stealing contactless payment data from physical credit and debit cards to conduct fraudulent operations. Targeting banks in Czechia, the attack involves social engineering and SMS phishing to trick users. NGate prompts victims to enter sensitive financial details and instigates an NFC … Read more
August 21, 2024 at 11:00AM Google is discontinuing its Google Play Security Reward Program (GPSRP) after achieving its goal of increasing Android OS security. Bug submissions will be accepted until August 31, 2024, with final rewards decided by September 30. The program has incentivized developers to improve their app security, paying out a total of … Read more
August 20, 2024 at 04:21PM A novel phishing campaign in the Czech Republic targets mobile users through Progressive Web Applications to steal banking account credentials from banks such as CSOB, OTP, and TBC. The phishing websites are distributed through voice calls, SMS, and social media. The attack is notable for deceiving users into installing PWAs … Read more
August 16, 2024 at 03:15AM Dormant software in certain Google Pixel devices presents a vulnerability, allowing potential nefarious attacks and malware delivery. The issue stems from a pre-installed Android app with extensive system privileges, leaving devices susceptible to remote code execution. Despite being non-malicious, the app’s potential exploitation prompted Google to remove it from supported … Read more
August 14, 2024 at 02:53PM Zimperium and Okta’s collaboration marks a milestone in mobile security, integrating Zimperium Mobile Threat Defense with Okta Identity Threat Protection. This partnership enables continuous risk monitoring and automated threat response, upholding a zero trust framework. The integration empowers organizations with real-time threat intelligence, comprehensive mobile threat protection, and stronger zero-trust … Read more
August 10, 2024 at 03:21PM Numerous security flaws in Google’s Quick Share for Android and Windows have been discovered, allowing for an RCE attack chain and posing serious risks such as unauthorized file writing and Wi-Fi connection manipulation. These vulnerabilities have been fixed in Quick Share version 1.0.1724.0, and Google is tracking them under two … Read more