276 matches found
Malware Surge Hits Android: Adware, Trojans and Crypto Theft Lead Q2 Threats
Dr.Web reports Android malware surge in Q2 with adware, banking trojans and crypto theft hidden in fake apps, firmware and spyware targeting users...
VOLTRON: Detecting Unknown Malware Using Graph-Based Zero-Shot Learning
The persistent threat of Android malware presents a serious challenge to the security of millions of users globally. While many machine learning-based methods have been developed to detect these threats, their reliance on large labeled datasets limits their effectiveness against emerging,...
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC Theft
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. "Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service MaaS on...
MADCAT: Combating Malware Detection under Concept Drift with Test-Time Adaptation
We present MADCAT, a self-supervised approach designed to address the concept drift problem in malware detection. MADCAT employs an encoder-decoder architecture and works by test-time training of the encoder on a small, balanced subset of the test-time data using a self-supervised objective. Duri...
LAMDA: a Longitudinal Android Malware Benchmark for Concept Drift Analysis
Machine learning ML-based malware detection systems often fail to account for the dynamic nature of real-world training and test data distributions. In practice, these distributions evolve due to frequent changes in the Android ecosystem, adversarial development of new malware families, and the...
MalVis: a Large-Scale Image-Based Framework and Dataset for Advancing Android Malware Classification
As technology advances, Android malware continues to pose significant threats to devices and sensitive data. The open-source nature of the Android OS and the availability of its SDK contribute to this rapid growth. Traditional malware detection techniques, such as signature-based, static, and...
A week in security (April 21 – April 27)
Last week on Malwarebytes Labs: AI is getting "creepy good" at geo-guessing Zoom attack tricks victims into allowing remote access to install malware and steal money Android malware turns phones into malicious tap-to-pay machines 4.7 million customers’ data accidentally leaked to Google by Blue...
FCGHunter: Towards Evaluating Robustness of Graph-Based Android Malware Detection
Graph-based detection methods leveraging Function Call Graphs FCGs have shown promise for Android malware detection AMD due to their semantic insights. However, the deployment of malware detectors in dynamic and hostile environments raises significant concerns about their robustness. While recent...
Android malware turns phones into malicious tap-to-pay machines
Got an Android phone? Got a tap-to-pay card? Then you're like millions of other users now at risk from a new form of cybercrime - malware that can read your credit or debit card and hand its data over to an attacker. A newly discovered malicious program effectively turns Android phones into...
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks
A new Android malware-as-a-service MaaS platform named SuperCard X can facilitate near-field communication NFC relay attacks, enabling cybercriminals to conduct fraudulent cashouts. The active campaign is targeting customers of banking institutions and card issuers in Italy with an aim to...
Hackers Are Using Microsoft’s .NET MAUI to Spread Android Malware
McAfee Labs reveals new Android malware exploiting .NET MAUI to steal user data. Learn about advanced evasion techniques and how to stay protected...
Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps
Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft's .NET Multi-platform App UI .NET MAUI framework to create bogus banking and social media apps targeting Indian and Chinese-speaking users. "These threats disguise themselves as legitimate apps...
CVE-2025-30259
The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications by third parties, as exploited in the wild in 2024 for installation of Android malware associated wit...
CVE-2025-30259
The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications by third parties, as exploited in the wild in 2024 for installation of Android malware associated wit...
PT-2025-11993 · Meta · Whatsapp
Name of the Vulnerable Software and Affected Versions: WhatsApp cloud service affected versions not specified Description: The issue concerns the WhatsApp cloud service, which did not block certain crafted PDF content. This crafted content can defeat a sandbox protection mechanism, allowing remot...
CVE-2025-30259
The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications by third parties, as exploited in the wild in 2024 for installation of Android malware associated wit...
CVE-2025-30259
The WhatsApp cloud service before late 2024 did not block certain crafted PDF content that can defeat a sandbox protection mechanism and consequently allow remote access to messaging applications by third parties, as exploited in the wild in 2024 for installation of Android malware associated wit...
CVE-2025-30259
Summary: CVE-2025-30259 concerns the WhatsApp cloud service before late 2024, where crafted PDF content could defeat a sandbox protection mechanism and permit remote access to messaging apps by third parties, an issue reportedly exploited in the wild in 2024 for Android malware (BIGPRETZEL). Affe...
DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection
The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem meaning "organization" in Urdu and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps ...
FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices
An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. "Disguised as a fake 'Telegram Premium' app, it is distributed through a...