276 matches found
New SuperBear Trojan Emerges in Targeted Phishing Attack on South Korean Activists
A new phishing attack likely targeting civil society groups in South Korea has led to the discovery of a novel remote access trojan called SuperBear. The intrusion singled out an unnamed activist, who was contacted in late August 2023 and received a malicious LNK file from an address impersonatin...
Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection
Threat actors are using Android Package APK files with unknown or unsupported compression methods to elude malware analysis. That's according to findings from Zimperium, which found 3,300 artifacts leveraging such compression algorithms in the wild. 71 of the identified samples can be loaded on t...
Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners
Threat actors are leveraging a technique called versioning to evade Google Play Store's malware detections and target Android users. "Campaigns using versioning commonly target users' credentials, data, and finances," Google Cybersecurity Action Team GCAT said in its August 2023 Threat Horizons...
FakeTrade Android Malware Attack Steals Crypto Wallet Data
By Deeba Ahmed Dubbed CherryBlos and FakeTrade by researchers, these two malware campaigns have been identified as potentially related by Trend Micro. This is a post from HackRead.com Read the original post: FakeTrade Android Malware Attack Steals Crypto Wallet Data...
New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data
A new Android malware strain called CherryBlos has been observed making use of optical character recognition OCR techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal...
Mexico-Based Hacker Targets Global Banks with Android Malware
An e-crime actor of Mexican provenance has been linked to an Android mobile malware campaign targeting financial institutions globally, but with a specific focus on Spanish and Chilean banks, from June 2021 to April 2023. The activity is being attributed to an actor codenamed NeoNet , according t...
Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes
Cybersecurity researchers have shared the inner workings of an Android malware family called Fluhorse. The malware "represents a significant shift as it incorporates the malicious components directly within the Flutter code," Fortinet FortiGuard Labs researcher Axelle Apvrille said in a report...
Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland
A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023. "The actors behind Anatsa aim to steal credentials used to authorize customers in mobile banking...
CVE-2023-29078
creationtimestamp| type| source ---|---|--- 2023-06-27 08:54:53+00:00| published-proof-of-concept| https://t.me/androidMalware/1890...
CVE-2023-28153
creationtimestamp| type| source ---|---|--- 2023-06-27 08:54:53+00:00| published-proof-of-concept| https://t.me/androidMalware/1890...
Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign
Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as part of a new targeted campaign. Cybersecurity firm Cyfirma attributed the campaign with moderate confidence to a threat actor known as DoNot Team, which is also tracked as...
Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique
The advanced persistent threat APT actor known as SideWinder has been accused of deploying a backdoor in attacks directed against Pakistan government organizations as part of a campaign that commenced in late November 2022. "In this campaign, the SideWinder advanced persistent threat APT group us...
New Android Malware 'FluHorse' Targeting East Asian Markets with Deceptive Tactics
Various sectors in East Asian markets have been subjected to a new email phishing campaign that distributes a previously undocumented strain of Android malware called FluHorse that abuses the Flutter software development framework. "The malware features several malicious Android applications that...
Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads
A new Android subscription malware named Fleckpe has been unearthed on the Google Play Store, amassing more than 620,000 downloads in total since 2022. Kaspersky, which identified 11 apps on the official app storefront, said the malware masqueraded as legitimate photo editing apps, camera, and...
North Korea's ScarCruft Deploys RokRAT Malware via LNK File Infection Chains
The North Korean threat actor known as ScarCruft started experimenting with oversized LNK files as a delivery route for RokRAT malware as early as July 2022, the same month Microsoft began blocking macros across Office documents by default. "RokRAT has not changed significantly over the years, bu...
Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan
A little-known Russian-speaking cyber-espionage group has been linked to a new politically-motivated surveillance campaign targeting high-ranking government officials, telecom services, and public service infrastructures in Tajikistan. The intrusion set, dubbed Paperbug by Swiss cybersecurity...
Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads
h A new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60 legitimate apps that collectively have over 100 million downloads. An additional eight million installations have been tracked through ONE store, a leading third-party app...
Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads
A new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60 legitimate apps that collectively have over 100 million downloads. An additional eight million installations have been tracked through ONE store, a leading third-party app...
Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps
A suspected Pakistan-aligned advanced persistent threat APT group known as Transparent Tribe has been linked to an ongoing cyber espionage campaign targeting Indian and Pakistani Android users with a backdoor called CapraRAT. "Transparent Tribe distributed the Android CapraRAT backdoor via...
Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
Suspected North Korean nation-state actors targeted a journalist in South Korea with a malware-laced Android app as part of a social engineering campaign. The findings come from South Korea-based non-profit Interlab, which coined the new malware RambleOn. The malicious functionalities include the...