Lucene search
K

40 matches found

The Hacker News
The Hacker News
added 2026/06/16 1:10 p.m.23 views

New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds

Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla , that targets 217 banking and cryptocurrency apps and packs 137 remote commands. Together, they give an operator near-total control of an infected phone: it lifts lock-screen PINs, reads and sends...

5.7AI score
Exploits0
HackRead
HackRead
added 2026/04/10 8:32 p.m.13 views

Android Banking Trojan Linked to Cambodia Scam Compounds Hits 21 Countries

Android banking trojan linked to Cambodia scam compounds uses forced labour to target users in 21 countries, bypassing security to steal funds...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/03/19 12:43 p.m.10 views

New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data

Cybersecurity researchers have disclosed a new Android malware family called Perseus that's being actively distributed in the wild with an aim to conduct device takeover DTO and financial fraud. Perseus is built upon the foundations of Cerberus and Phoenix, at the same time evolving into a "more...

6.1AI score
Exploits0
HackRead
HackRead
added 2026/03/12 11:8 a.m.9 views

New PixRevolution Malware Steals Brazil’s PIX Transfers in Real Time

Researchers have discovered PixRevolution, a new Android banking trojan targeting Brazil’s PIX system. Unlike automated scams, this malware uses live operators to watch your screen and divert funds instantly...

5.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/29 11:48 a.m.8 views

Malware in 2025 spread far beyond Windows PCs

This blog is part of a series highlighting new and concerning trends we noticed over the last year. Trends matter because they almost always provide a good indication of what 's coming next. If there’s one thing that became very clear in 2025, it’s that malware is no longer focused on Windows...

7.2AI score
Exploits0
Securelist
Securelist
added 2025/12/15 7:0 a.m.10 views

Frogblight threatens you with a court case: a new Android banker targets Turkish users

In August 2025, we discovered a campaign targeting individuals in Turkey with a new Android banking Trojan we dubbed "Frogblight". Initially, the malware was disguised as an app for accessing court case files via an official government webpage. Later, more universal disguises appeared, such as th...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/11/20 11:4 a.m.6 views

New Sturnus Android Trojan Quietly Captures Encrypted Chats and Hijacks Devices

Cybersecurity researchers have disclosed details of a new Android banking trojan called Sturnus that enables credential theft and full device takeover to conduct financial fraud. "A key differentiator is its ability to bypass encrypted messaging," ThreatFabric said in a report shared with The...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/10/01 9:25 a.m.11 views

New Android Banking Trojan "Klopatra" Uses Hidden VNC to Control Infected Smartphones

A previously undocumented Android banking trojan called Klopatra has compromised over 3,000 devices, with a majority of the infections reported in Spain and Italy. Italian fraud prevention firm Cleafy, which discovered the sophisticated malware and remote access trojan RAT in late August 2025, sa...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/26 9:1 a.m.8 views

HOOK Android Trojan Adds Ransomware Overlays, Expands to 107 Remote Commands

Cybersecurity researchers have discovered a new variant of an Android banking trojan called HOOK that features ransomware-style overlay screens to display extortion messages. "A prominent characteristic of the latest variant is its capacity to deploy a full-screen ransomware overlay, which aims t...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/16 10:41 a.m.23 views

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure. "The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/07 6:25 a.m.26 views

Chameleon Android Banking Trojan Targets Users Through Fake CRM App

Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a Customer Relationship Management CRM app. "Chameleon was seen masquerading as a CRM app, targeting a Canadian...

6.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/04/11 12:29 p.m.25 views

Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security

Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses. "The most popular application categories to hide malware and unwanted software include cryptocurrency trackers,...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/23 11:55 a.m.5 views

Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps

An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud. "Nexus appears to be in its early stages of development," Italian cybersecurity firm Cleafy said in a report published this week. "Nexus provid...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/10 10:3 a.m.7 views

Xenomorph Android Banking Trojan Returns with a New and More Powerful Variant

A new variant of the Android banking trojan named Xenomorph has surfaced in the wild, latest findings from ThreatFabric reveal. Named "Xenomorph 3rd generation " by the Hadoken Security Group, the threat actor behind the operation, the updated version comes with new features that allow it to...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/04 1:39 p.m.5 views

PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. Italian cybersecurity company Cleafy, which discovered the malware between the end of 2022 and the beginning of 2023, is tracking it under the name PixPirate...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/04 1:39 p.m.103 views

PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. Italian cybersecurity company Cleafy, which discovered the malware between the end of 2022 and the beginning of 2023, is tracking it under the name PixPirate...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/20 4:33 p.m.5 views

Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings

Threat actors associated with the Roaming Mantis attack campaign have been observed delivering an updated variant of their patent mobile malware known as Wroba to infiltrate Wi-Fi routers and undertake Domain Name System DNS hijacking. Kaspersky, which carried out an analysis of the malicious...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/01/19 1:27 p.m.36 views

Android Users Beware: New Hook Malware with RAT Capabilities Emerges

The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new capabilities to access files stored in the devices and create a remote interactive session. ThreatFabric, in a report shared with The Hacker News,...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/26 3:0 a.m.16 views

A week in security (December 19 - 25)

Last week on Malwarebytes Labs: 4 over-hyped security vulnerabilities of 2022 Chasing cryptocurrency through cyberspace, with Brian Carter: Lock and Code S03E26 Restaurant platform SevenRooms confirms data breach Adult popunder campaign used in mainstream ad fraud scheme Malwarebytes earns AV-TES...

0.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/06 12:38 p.m.41 views

Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide

Cybersecurity researchers have shed light on a darknet marketplace called InTheBox that's designed to specifically cater to mobile malware operators. The actor behind the criminal storefront, believed to be available since at least January 2020, has been offering over 400 custom web injects group...

0.2AI score
Exploits0
Rows per page
Query Builder