Android Security

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets

Cybersecurity researchers have uncovered six new Android malware families designed to steal sensitive data from infected devices and carry out financial fraud. These threats primarily target banking applications, cryptocurrency wallets, and digital payment platforms. The discovered malware includes several banking trojans and remote access tools capable of monitoring user activity, hijacking financial transactions, and gaining full control over […]

Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets Read More »

Google Confirms Active Exploitation of CVE-2026-21385 in Qualcomm Android Component

Google has confirmed that a high severity vulnerability affecting a Qualcomm open source component used in Android devices is being actively exploited in targeted attacks. The flaw, tracked as CVE-2026-21385 with a CVSS score of 7.8, impacts the Graphics component and involves a buffer over read issue that may lead to memory corruption. Qualcomm Advisory

Google Confirms Active Exploitation of CVE-2026-21385 in Qualcomm Android Component Read More »

PromptSpy Android Malware Exploits Gemini AI to Automate Recent-Apps Persistence

Cybersecurity researchers have uncovered a sophisticated Android malware, named PromptSpy, that leverages Google’s generative AI chatbot Gemini to automate actions and ensure persistence on infected devices. This marks one of the first known cases of malware incorporating generative AI into its operational flow. How PromptSpy Operates PromptSpy is capable of: According to Lukáš Štefanko, Gemini is

PromptSpy Android Malware Exploits Gemini AI to Automate Recent-Apps Persistence Read More »

Fake IPTV Apps Distribute Massiv Android Malware Targeting Mobile Banking Users

Cybersecurity experts have identified a new Android banking trojan called Massiv, designed to conduct device takeover (DTO) attacks for financial theft. The malware hides inside seemingly legitimate IPTV apps, luring users who are searching for online TV services and giving attackers remote control over infected devices. How Massiv Operates According to ThreatFabric, Massiv first appeared in

Fake IPTV Apps Distribute Massiv Android Malware Targeting Mobile Banking Users Read More »

Keenadu Firmware Backdoor Infects Android Tablets Through Signed OTA Updates

Kaspersky researchers have uncovered a sophisticated Android firmware backdoor, dubbed Keenadu, which silently harvests data and enables remote control of infected devices. The malware is embedded in device firmware, affecting brands including Alldocube, and is delivered through signed OTA updates dating back to August 2023. Unlike conventional malware, Keenadu operates at the firmware level, loading into the

Keenadu Firmware Backdoor Infects Android Tablets Through Signed OTA Updates Read More »

WhatsApp Worm Propagates Astaroth Banking Trojan in Brazil Through Auto-Messaging

Cybersecurity researchers have uncovered a new malware campaign that abuses WhatsApp as a distribution channel to spread the Astaroth banking trojan across Brazil. The operation specifically targets Windows users and represents an evolution in how financial malware is propagated in the region. The campaign has been named Boto Cor-de-Rosa by the Acronis Threat Research Unit.

WhatsApp Worm Propagates Astaroth Banking Trojan in Brazil Through Auto-Messaging Read More »

Kimwolf Android Botnet Infects Over 2 Million Devices Through Exposed ADB and Proxy Networks

Cybersecurity researchers have uncovered large scale activity linked to an Android botnet known as Kimwolf, which has compromised more than two million devices by abusing exposed Android Debug Bridge (ADB) services and tunneling through residential proxy networks. The findings were revealed in a recent analysis by Synthient. According to researchers, threat actors operating the Kimwolf botnet

Kimwolf Android Botnet Infects Over 2 Million Devices Through Exposed ADB and Proxy Networks Read More »