Android Campaign from Known OceanLotus APT Group Potentially Older than Estimated, Abused Legitimate Certificate

A group of sophisticated threat actors known as OceanLotus or PhantomLance has recently become known for disseminating advanced Android threats via official and third-party marketplaces since 2014. They have sought to remotely control infected devices,…

New Android Malware Targets PayPal, CapitalOne App Users

Researchers warn that the EventBot Android malware, which targets over 200 financial apps, could be the “next big mobile malware.”

‘EventBot’ comes online amidst flurry of regularly-updated banking trojans

Over the last several weeks, a group of unidentified hackers have been methodically testing a new piece of code designed to steal credentials people use to log into banks and other financial institutions. Like many a product developer, the hackers have been fine-tuning the malicious software to make it more effective in siphoning off data from a mobile phone. Perhaps unbeknownst to the hackers, a team of researchers have been watching and taking notes. On Thursday, the researchers, from Boston-based security company Cybereason, published their findings in an effort to preempt attacks on banking customers. It’s one of a wave of recent malicious applications designed to steal users’ banking data. In the last month, security researchers have reported malware targeting banking customers in Brazil and Spain. As an even greater number of people around the world use mobile banking, the impetus for criminals to compromise those transactions has grown. The […]

The post ‘EventBot’ comes online amidst flurry of regularly-updated banking trojans appeared first on CyberScoop.


Banking.BR Android Trojan Emerges in Credential-Stealing Attacks

A new Android trojan targets banking customers with overlay attacks to steal their bank credentials and ultimately take over their accounts.

New Android Banking Trojan Targets Spanish, Portuguese Speaking Users

IBM X-Force recently analyzed a new Android banking Trojan dubbed “Banker.BR” that appears to be targeting users in Spain, Portugal, Brazil and other parts of Latin America.

The post New Android Banking Trojan Targets Spanish, Portuguese Speaking Users appeared first on Security Intelligence.


Syrian government surveillance campaign turns to spreading malware in coronavirus apps

A Syrian government-backed hacking campaign has begun to distribute coronavirus-themed applications that are actually spyware, according to new research from mobile security firm Lookout. While some of the malware samples appear to have been created in March, the campaign is part of an espionage effort that has been in operation since at least January of 2018, according to Lookout. The campaign appears to target Arabic-speakers, Syrians, and those who may be critical of the Syrian government, Lookout Senior Security Intelligence Engineer Kristen Del Rosso told CyberScoop. “This is an ongoing campaign that has used a variety of application titles,” Del Rosso said. “But as with any major political event, economic event, health event — a new crisis gives actors something new to talk about to infect people [with malware].” In the last month alone, hackers tied to the Syrian government have leveraged at least 71 new malicious Android applications using coronavirus […]

The post Syrian government surveillance campaign turns to spreading malware in coronavirus apps appeared first on CyberScoop.


Unveiled: How xHelper Android Malware Re-Installs Even After Factory Reset

Remember xHelper?

A mysterious piece of Android malware that re-installs itself on infected devices even after users delete it or factory reset their devices—making it nearly impossible to remove.

xHelper reportedly infected over 45,000 devices last …

Hackers target mobile users in Italy and Spain, taking advantage of coronavirus hot spots

Coronavirus-themed scams show no signs of letting up as hackers try to breach mobile phone users in Italy and Spain, the two countries with the most deaths from the virus. Attackers laced mobile apps with malware to try to steal data from Italian and Spanish residents looking for updates on the pandemic, according to Slovakian antivirus firm ESET. The phony apps pose as legitimate ones offering updates on the spread of the novel coronavirus and how to assess your risk of infection. “Because of the current situation, many [hacking] campaigns are either migrating to a COVID-19 theme or new campaigns are created with a COVID-19 theme,” said Lukas Stefanko, an Android security specialist at ESET. The apps were available for download for a couple days. It is unclear how many people downloaded them. It is a reminder of the cruel opportunism with which many cybercriminals approach the crisis. When people turn to their phones for information on the deadly virus, hackers see […]

The post Hackers target mobile users in Italy and Spain, taking advantage of coronavirus hot spots appeared first on CyberScoop.


Watch Out: Android Apps in Google Play Store Capitalizing on Coronavirus Outbreak

Preying on public fears, the ongoing coronavirus outbreak is proving to be a goldmine of opportunity for attackers to stage a variety of malware attacks, phishing campaigns, and create scam sites and malicious tracker apps.

Now in a fresh twist, third…

Android Apps and Malware Capitalize on Coronavirus

As new developments regarding the coronavirus outbreak emerge, Android developers (malware developers included) have started capitalizing on the topic. Bitdefender researchers have recently analyzed Android telemetry from Google Play – and other thi…