August 6, 2024 at 01:16PM Samsung has introduced the new ‘Important Scenario Vulnerability Program’ for its mobile devices, offering bug bounty rewards of up to $1,000,000 for critical attack demonstrations. Highlighted payouts include rewards for arbitrary code execution and unlocks with data extraction. In 2023, Samsung paid security researchers $827,925 and aims to break records … Read more
August 6, 2024 at 06:06AM The LianSpy, an Android post-compromise spyware, has targeted users in Russia since 2021. Discovered in March 2024, it uses Yandex Cloud for command-and-control communications, enabling it to capture screencasts, exfiltrate user data, and evade detection. Its stealth tactics include bypassing privacy indicators and leveraging legitimate services for communication and storage. … Read more
August 5, 2024 at 01:24AM Cybersecurity researchers have discovered BlankBot, a new Android banking trojan targeting Turkish users to steal financial information. The malware employs various malicious capabilities, including customer injections, keylogging, and screen recording, and communicates with a control server over WebSocket connection. It also bypasses security features introduced in Android 13. Google is … Read more
August 2, 2024 at 08:12AM The new Android trojan, BlankBot, discovered by Intel 471, poses a significant threat to users. It disguises itself as utility applications, targeting Turkish Android users and potentially expanding to other countries. Once installed, it gains control of the device, logging sensitive information and executing custom attacks. The trojan communicates with … Read more
August 1, 2024 at 09:06AM Italian cybersecurity firm Cleafy discovered an Android remote access trojan (RAT) called BingoMod. It’s capable of fraudulent money transfers and device wiping to erase malware traces. The RAT, attributed to a Romanian-speaking threat actor, uses remote access to exploit on-device fraud, and the malware is under active development. BingoMod employs … Read more
August 1, 2024 at 08:06AM A new Android-targeting remote access trojan named BingoMod, discovered by Cleafy, is designed to steal user information and money through account takeover tactics. The malware, likely developed by Romanian speakers, attempts to lower its detection rate by experimenting with obfuscation techniques. BingoMod also allows threat actors remote device control and … Read more
July 31, 2024 at 12:27PM A new Android malware called ‘BingoMod’ can steal money from victims’ bank accounts using on-device fraud techniques, leading to the wiping of their devices. Based on the meeting notes, the key takeaways are that there is a new Android malware called ‘BingoMod’ which is capable of stealing money from victims’ … Read more
July 31, 2024 at 08:01AM A novel malware dubbed “SMS Stealer” has targeted Android devices for over two years, stealing SMS messages and one-time passwords. Researchers have tracked its global impact, with India and Russia most affected. This dynamic and sophisticated campaign uses multiple threat vectors and poses a significant risk, underscoring the need for … Read more
July 30, 2024 at 10:04AM A new version of the sophisticated Android spyware Mandrake has been discovered in five apps on Google Play Store, remaining undetected for two years. The malware includes obfuscation and evasion techniques and can collect device information, initiate screen sharing, and steal credentials. Researchers emphasize the evolving threat and Google’s continuous … Read more
July 26, 2024 at 11:38PM A China-based hacking group, Smishing Triad, has targeted iPhone users in India with text-borne phishing attacks, manipulating India Post’s name. The attacks involved deceptive URLs and fraudulent websites. Similar incidents have targeted the US Postal Service and US citizens. Security experts emphasize the need for mobile web threat protection and … Read more