Lucene search

13 matches found

Microsoft Secure
added 2026/05/06 3:20 p.m., 14 views

ClickFix campaign uses fake macOS utilities lures to deliver infostealers

Microsoft researchers continue to observe the evolution of an infostealer campaign distributing ClickFix‑style instructions and targeting macOS users. In this recent iteration...

AI score: 6.3
Exploits: 0

The Hacker News
added 2025/11/11 11:44 a.m., 12 views

Android Trojan 'Fantasy Hub' Malware Service Turns Telegram Into a Hub for Hackers

Cybersecurity researchers have disclosed details of a new Android remote access trojan (RAT) called Fantasy Hub that's sold on Russian-speaking Telegram channels under a Malware-as-a-Service (MaaS) model. According to its seller, the malware enables device control and espionage, allowing threat actor...

AI score: 6.8
Exploits: 0

The Hacker News
added 2024/06/13 1:55 p.m., 15 views

Arid Viper Launches Mobile Espionage Campaign with AridSpy Malware

The threat actor known as Arid Viper has been attributed to a mobile espionage campaign that leverages trojanized Android apps to deliver a spyware strain dubbed AridSpy. "The malware is distributed through dedicated websites impersonating various messaging apps, a job opportunity app, and a...

AI score: 7.5
Exploits: 0

The Hacker News
added 2023/04/11 12:29 p.m., 2 views

Cybercriminals Turn to Android Loaders on Dark Web to Evade Google Play Security

Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses. "The most popular application categories to hide malware and unwanted software include cryptocurrency trackers,...

AI score: 7
Exploits: 0

The Hacker News
added 2023/03/17 10:22 a.m., 3 views

Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware

Copycat websites for instant messaging apps like Telegram and WhatsApp are being used to distribute trojanized versions and infect Android and Windows users with cryptocurrency clipper malware. "All of them are after victims' cryptocurrency funds, with several targeting cryptocurrency wallets," ES...

AI score: 6.9
Exploits: 0

The Hacker News
added 2023/03/07 11:39 a.m., 2 views

Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps

A suspected Pakistan-aligned advanced persistent threat (APT) group known as Transparent Tribe has been linked to an ongoing cyber espionage campaign targeting Indian and Pakistani Android users with a backdoor called CapraRAT. "Transparent Tribe distributed the Android CapraRAT backdoor via...

AI score: 7.1
Exploits: 0

The Hacker News
added 2022/11/11 2:26 p.m., 24 views

Experts Uncover Two Long-Running Android Spyware Campaigns Targeting Uyghurs

Two long-running surveillance campaigns have been found targeting the Uyghur community in China and elsewhere with Android spyware tools designed to harvest sensitive information and track their whereabouts. This encompasses a previously undocumented malware strain called BadBazaar and updated...

AI score: 0.1
Exploits: 0

The Hacker News
added 2022/08/08 7:0 a.m., 47 views

Meta Cracks Down on Cyber Espionage Operations in South Asia Abusing Facebook

Facebook parent company Meta disclosed that it took action against two espionage operations in South Asia that leveraged its social media platforms to distribute malware to potential targets. The first set of activities is what the company described as "persistent and well-resourced" and undertak...

AI score: 0.7
Exploits: 0

The Hacker News
added 2022/06/13 1:50 p.m., 43 views

Chinese Hackers Distribute Backdoored Web3 Wallets for iOS and Android Users

A technically sophisticated threat actor known as SeaFlower has been targeting Android and iOS users as part of an extensive campaign that mimics official cryptocurrency wallet websites intending to distribute backdoored apps that drain victims' funds. Said to be first discovered in March 2022, t...

AI score: 0.5
Exploits: 0

ThreatPost
added 2021/11/16 9:46 p.m., 43 views

Rooting Malware Is Back. Here’s What to Look Out For.

Over the last several years, as the Android ecosystem matured, widely-distributed malware with rooting capabilities has become rare. But its rarity doesn’t mean it’s not still a threat. By definition, rooting malware is extremely dangerous because it can gain privileged access to the Android...

CVSS: 7.8, AI score: 8.2, EPSS: 0.03246
Exploits: 8, References: 6

ThreatPost
added 2020/07/01 2:55 p.m., 100 views

New Android Spyware Tools Emerge in Widespread Surveillance Campaign

Researchers have uncovered a surveillance campaign, dating back to at least 2013, which has used a slew of Android surveillanceware tools to spy on the Uyghur ethnic minority group. The campaign uses three never-before-seen Android surveillanceware tools, dubbed SilkBean, GoldenEagle and...

AI score: 8.4
Exploits: 0, References: 11

ThreatPost
added 2018/03/08 11:59 a.m., 14 views

Lookout: Dark Caracal Points To APT Actors Moving To Mobile Targets

CANCUN, Mexico – On the heels of global cyber espionage campaign Dark Caracal, security firm Lookout is sounding the alarm on how it is indicative of advanced persistent threats moving from desktop platforms to mobile platforms. Dark Caracal, which was first discovered by researchers in January, ...

AI score: 7
Exploits: 0, References: 2

Malwarebytes
added 2018/02/12 2:0 p.m., 17 views

Drive-by cryptomining campaign targets millions of Android users

Malvertising and online fraud through forced redirects and Trojanized apps—to cite the two most common examples—are increasingly plaguing Android users. In many cases, this is made worse by the fact that people often don't use web filtering or security applications on their mobile devices. A...

AI score: 7.1
Exploits: 0