July 31, 2024 at 06:09AM A new malicious campaign has utilized over 107,000 unique samples of Android apps to steal SMS messages and intercept one-time passwords (OTPs). This large-scale operation has targeted users in 113 countries, with India and Russia topping the list. Malware remains hidden, continuously monitoring new incoming messages to obtain OTPs for … Read more
July 30, 2024 at 05:31PM A global Android-targeting malware campaign utilizes thousands of Telegram bots to spread SMS-stealing malware, compromising over 600 services’ one-time passwords. Zimperium researchers uncovered this operation, tracking at least 107,000 malware samples since February 2022. Cybercriminals exploit infected devices for financial gain and use the malware to transmit captured messages to … Read more
June 18, 2024 at 04:29PM ONNX Store, a phishing-as-a-service platform, targets Microsoft 365 and Office 365 accounts with PDF attachments containing QR codes. It bypasses 2FA, capturing login credentials and tokens, and provides a range of subscription tiers with customizable features. EclecticIQ recommends security measures to mitigate the threat’s impact. The platform poses a significant … Read more