SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps

Cybersecurity researchers have found that threat actors are setting up deceptive websites hosted on newly registered domains to deliver a known Android malware called SpyNote. These bogus websites masquerade as Google Play Store install pages for apps like the Chrome web browser, indicating an...

SpyNote Android Spyware Poses as Legit Crypto Wallets, Steals Funds

By Deeba Ahmed From Banking Apps to Crypto Wallets: SpyNote Malware Evolves for Financial Gain. This is a post from HackRead.com Read the original post: SpyNote Android Spyware Poses as Legit Crypto Wallets, Steals Funds...

SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls

The Android banking trojan known as SpyNote has been dissected to reveal its diverse information-gathering features. Typically spread via SMS phishing campaigns, attack chains involving the spyware trick potential victims into installing the app by clicking on the embedded link, according to...

SpyNote Spyware Returns with SMS Phishing Against Banking Customers

By Habiba Rashid In its recent attack campaign, SpyNote Spyware is sending victims fake SMS messages urging them to install a new certified banking app. This is a post from HackRead.com Read the original post: SpyNote Spyware Returns with SMS Phishing Against Banking Customers...

European Bank Customers Targeted in SpyNote Android Trojan Campaign

Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. "The spyware is distributed through email phishing or smishing campaigns and the fraudulent activities are executed with a...

New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data

A new Android malware strain called CherryBlos has been observed making use of optical character recognition OCR techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal...

OilAlpha: Emerging Houthi-linked Cyber Threat Targets Arabian Android Users

A hacking group dubbed OilAlpha with suspected ties to Yemen's Houthi movement has been linked to a cyber espionage campaign targeting development, humanitarian, media, and non-governmental organizations in the Arabian peninsula. "OilAlpha used encrypted chat messengers like WhatsApp to launch...

SpyNote Strikes Again: Android Spyware Targeting Financial Institutions

Financial institutions are being targeted by a new version of Android malware called SpyNote at least since October 2022 that combines both spyware and banking trojan characteristics. "The reason behind this increase is that the developer of the spyware, who was previously selling it to other...

Fake govt-issued COVID-19 contact tracing apps spread spyware

By Waqas These malicious COVID-19 apps also drop nasty pieces of malware including Anubis and SpyNote. This is a post from HackRead.com Read the original post: Fake govt-issued COVID-19 contact tracing apps spread spyware...

Apps Infected With SonicSpy Spyware Removed From Google Play

Three messaging apps in the Google Play store contained spyware called SonicSpy. According to researchers, the spyware also infected more than 1,000 additional apps hosted at third-party Android app stores. Researchers at Lookout traced the spyware-infected apps to an Iraqi developer identified a...

SpyNote RAT Now Disguised As Netflix App

A new version of the SpyNote Trojan is designed to trick Android users into thinking it’s a legitimate Netflix application. Once installed, the remote access Trojan RAT essentially hands control of the device over to the hacker, enabling them to copy files, view contacts, and eavesdrop on the...

New Trojan SpyNote Installs Backdoor on Android Devices

A new Android Trojan called SpyNote has been identified by researchers who warn that attacks are forthcoming. The Trojan, found by Palo Alto Networks’ Unit 42 team, has not been spotted in any active campaigns, but it is now widely available on the Dark Web and that it will soon be used in a wave...