MOONSHINE and BADBAZAAR are examples of trojans; they have malicious functions hidden inside an otherwise functioning app that can be downloaded from app stores or online file-sharing services.
These apps are designed to trick a user into downloading and installing them on a device. Once an app is installed, it uses vulnerabilities on the device to perform unauthorised functions, or it may rely on a user granting app permissions to access and download information from the device, including: > location data including real time tracking > access to microphone and camera > messages, photos and other files stored on the device > device information and more
Read more…
Source: U.S. Federal Bureau of Investigation Cyber Division
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Brazil probes emergency warning system after nationwide rogue alert
June 22, 2026
The Brazilian National Secretariat for Civil Protection and Defense (SEDEC) and Federal Police (PF) are investigating a suspected hack of the country’s emergency alert system after an unauthorized “extreme” alert pinged devices across the country. Defesa Civil Nacional confirmed that its dispatch platform, often used to inform the public about severe weather events, was taken offline in ...
- Gizmodo readers hit with ClickFix malware prompts after account compromise
June 22, 2026
Veteran tech website Gizmodo confirmed a compromise on Saturday after readers reported ClickFix malware prompts appearing on article pages. Users posted screenshots of fake CAPTCHA windows appearing on Gizmodo’s site. The attack aims to fool users into running malicious code via their terminals. According to Proofpoint threat researcher Tommy M, the attack was seemingly launched by an affiliate of ...
- Cyber criminals who hacked into Transport for London’s computer network are convicted
June 22, 2026
Two young men have admitted mounting a cyber attack on Transport for London (TfL), which cost tens of millions of pounds in losses and inconvenienced thousands of customers. The National Crime Agency and City of London Police investigated Thalha Jubair, 20, from East London, and Owen Flowers, 18, from Walsall, West Midlands, after TfL’s network was ...
- Security experts warn of AI-boosted scam campaigns that can trick even the smartest victims
June 21, 2026
Messaging scams are becoming increasingly sophisticated as criminals use AI to imitate trusted people, familiar brands, and everyday conversations. New research from Kaspersky suggests these schemes are succeeding with alarming speed, often convincing victims to hand over money within minutes. The findings indicate that digital experience alone may no longer provide reliable protection against modern fraud attempts. Read more… Source: TechRadar ...
- Shadowbyt3$ claims Nintendo of America breach, stealing ~1GB of employee data from TinyPulse survey platform and demanding $2M ransom
June 20, 2026
Nintendo of America has confirmed suffering a third-party data breach incident, but played down its severity. An “extortion-as-a-service” hacking group called Shadowbyt3$ recently claimed to have breached Nintendo of America, a subsidiary of the Japanese gaming giant, operating in the United States, Canada, and some Latin America countries, and exfiltrated sensitive data on its employees. Read more… Source: ...
- Apple users told to watch out for ‘unpatchable’ iPhone security issues – here’s what we know
June 19, 2026
Security researchers Paradigm Shift have discovered a vulnerability in older iPhone and Apple Watch models which can be used to jailbreak the devices. What makes this vulnerability special is the fact that there is no fix for it – the only way to really be secure is to replace the device with a newer model. The good news is that ...