May 1, 2024 at 10:00AM Researchers have uncovered a new Android malware, Wpeeper, using compromised WordPress sites as relays for its command-and-control servers, evading detection. Disguised as the UPtodown App Store app, it includes a backdoor Trojan for Android, capable of collecting device info and executing commands. The campaign’s scale and goals remain unclear, emphasizing … Read more
May 1, 2024 at 08:27AM QAX XLab has uncovered the Wpeeper Android trojan that utilizes a multi-level command-and-control (C&C) infrastructure, with hacked WordPress sites acting as redirectors. The malware incorporates HTTPS communication, encryption, and an elliptic signature. Although its activity abruptly ceased after receiving a self-deletion command, it is likely to resurface as the repackaged … Read more
April 30, 2024 at 12:49PM A new Android malware named ‘Wpeeper’ was discovered in unofficial app stores, utilizing compromised WordPress sites as relay points for its command and control servers. The malware, discovered by QAX’s XLab team, had zero detections on Virus Total and infected thousands of devices. It features sophisticated C2 communication and 13 … Read more