The SonicWall Capture Labs threat research team has been regularly sharing information about malware targeting Android devices.
The researchers encountered similar RAT samples before, but this one includes extra commands and phishing attacks designed to harvest credentials. This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices.
Read more…
Source: SonicWall
Related:
- New spyware found to be snooping on thousands of Android and iOS users
February 28, 2025
Hundreds of thousands of Android users, as well as several thousand iPhone users, have had their sensitive data compromised by a spouseware app, called Spyzie. The apps were found leaking email addresses, text messages, call logs, photographs, and other sensitive data, belonging to millions of people who, without their knowledge or consent, have had these apps ...
- Spyware maker caught distributing malicious Android apps for years
February 13, 2025
Italian spyware maker SIO, known to sell its products to government customers, is behind a series of malicious Android apps that masquerade as WhatsApp and other popular apps but steal private data from a target’s device, TechCrunch has exclusively learned. Late last year, a security researcher shared three Android apps with TechCrunch, claiming they were likely ...
- Download a banking Trojan to track your parcel
December 17, 2024
In late October 2024, a new scheme for distributing a certain Android banking Trojan called “Mamont” was uncovered. The victim would receive an instant message from an unknown sender asking to identify a person in a photo. The attackers would then send what appeared to be the photo itself but was actually a malware installer. Shortly ...
- MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks
December 5, 2024
Trend Micro researchers have been continuously monitoring the MOONSHINE exploit kit’s activity since 2019. During our research, they discovered a MOONSHINE exploit kit server with improper operational security: Its server exposed MOONSHINE’s toolkits and operation logs, which revealed the information of possible victims and the attack tactics of a threat actor we have named Earth ...
- Update your Android: Google patches two zero-day vulnerabilities
November 6, 2024
Google has announced patches for several high severity vulnerabilities. In total, 51 vulnerabilities have been patched in November’s updates, two of which are under limited, active exploitation by cybercriminals. If your Android phone shows patch level 2024-11-05 or later then the issues discussed below have been fixed. The updates have been made available for Android 12, ...
- Android malware FakeCall intercepts your calls to the bank
October 31, 2024
An Android banking Trojan called FakeCall is capable of hijacking the phone calls you make to your bank. Instead of reaching your bank, your call will be redirected to the cybercriminals. The Trojan accomplishes this by installing itself as the default call handler on the infected device. The default call handler app is responsible for managing ...