Mobile Threats

Android Malware FvncBot, SeedSnatcher, and ClayRat Now Feature Enhanced Data Theft Capabilities

Cybersecurity analysts have uncovered significant updates in multiple Android threat campaigns. Two newly identified malware families, named FvncBot and SeedSnatcher, have come to light, while researchers also report an upgraded strain of ClayRat circulating in active attacks. These findings were published by Intel 471, CYFIRMA, and Zimperium. FvncBot Targets Polish Banking Users With Advanced Fraud […]

Android Malware FvncBot, SeedSnatcher, and ClayRat Now Feature Enhanced Data Theft Capabilities Read More »

GoldFactory Targets Southeast Asia with Modified Banking Apps Behind 11,000 Plus Infections

Cybercriminals linked to the financially motivated group GoldFactory have launched a new wave of mobile attacks across Indonesia, Thailand, and Vietnam by posing as government authorities and local service providers. According to a technical assessment released by Group IB, the campaign has been active since October 2024 and relies on doctored versions of legitimate banking

GoldFactory Targets Southeast Asia with Modified Banking Apps Behind 11,000 Plus Infections Read More »

Brazil Faces Banking Trojan Spread Through WhatsApp Worm and RelayNFC Relay Fraud

Brazil is facing a growing wave of cyberattacks as the threat actor known as Water Saci rolls out a more advanced infection chain that spreads banking malware through WhatsApp Web and relies on layered delivery techniques using PDF and HTA files. WhatsApp Worm Used to Deliver Banking Trojan Threat analysts from Trend Micro reported that

Brazil Faces Banking Trojan Spread Through WhatsApp Worm and RelayNFC Relay Fraud Read More »

Google Fixes 107 Android Flaws Including Two Actively Exploited Framework Bugs

Google has released its latest monthly security updates for the Android operating system, delivering fixes for 107 vulnerabilities found across key system components. The update covers issues in Framework, System, Kernel, and modules from Arm, Imagination Technologies, MediaTek, Qualcomm, and Unison. Two High Severity Bugs Exploited in Real World Attacks The company confirmed that two

Google Fixes 107 Android Flaws Including Two Actively Exploited Framework Bugs Read More »

New Albiriox MaaS Malware Hits Over 400 Apps With Fraud and Screen Control

A newly advertised Android malware called Albiriox has surfaced as a powerful malware as a service [MaaS] platform, offering attackers a broad toolkit designed for on device fraud, remote interaction, and advanced screen manipulation. Security analysts report that Albiriox is rapidly gaining traction within cybercrime forums because of its extensive capabilities and its ability to

New Albiriox MaaS Malware Hits Over 400 Apps With Fraud and Screen Control Read More »

CISA Alerts on Active Spyware Campaigns Targeting High Value Signal and WhatsApp Users

The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory warning that multiple threat groups are conducting active spyware operations aimed at users of secure messaging platforms, particularly Signal and WhatsApp. The agency said attackers are deploying commercial spyware and remote access trojans to breach mobile devices through targeted social engineering

CISA Alerts on Active Spyware Campaigns Targeting High Value Signal and WhatsApp Users Read More »

New Sturnus Android Trojan Silently Captures Encrypted Chats and Takes Control of Devices

A newly identified Android banking trojan called Sturnus is raising significant concern among security researchers due to its advanced ability to steal credentials, monitor encrypted messaging apps, and take full control of infected devices. According to ThreatFabric, which analyzed the malware, Sturnus is designed for high level financial fraud and advanced surveillance, making it a

New Sturnus Android Trojan Silently Captures Encrypted Chats and Takes Control of Devices Read More »

CTM360 Reveals a Global WhatsApp Hijacking Operation Called HackOnChat

Cybersecurity researchers at CTM360 have uncovered an expanding global campaign that hijacks WhatsApp accounts by exploiting deceptive login portals and impersonation tactics. The operation, called HackOnChat, imitates the familiar WhatsApp Web environment to manipulate users into compromising their own accounts. This campaign has grown quickly, targeting individuals across multiple regions and using sophisticated social engineering

CTM360 Reveals a Global WhatsApp Hijacking Operation Called HackOnChat Read More »

Python Based WhatsApp Worm Spreads Eternidade Stealer Across Devices in Brazil

Cybersecurity analysts have uncovered a new campaign that combines social engineering with WhatsApp account hijacking to spread a Delphi based banking trojan known as Eternidade Stealer. This large scale operation specifically targets users in Brazil and relies on a Python powered WhatsApp worm to propagate malicious attachments. How the Campaign Operates Research from Trustwave SpiderLabs

Python Based WhatsApp Worm Spreads Eternidade Stealer Across Devices in Brazil Read More »

WhatsApp ‘Maverick’ Malware Hijacks Browser Sessions to Target Brazil’s Biggest Banks

Cybersecurity researchers have uncovered a sophisticated banking malware campaign in Brazil involving a new threat called Maverick, which spreads via WhatsApp and targets banking users by hijacking browser sessions. The campaign shows strong links to a prior malware strain known as Coyote, though Maverick exhibits new propagation and remote control techniques. How Maverick Spreads Maverick

WhatsApp ‘Maverick’ Malware Hijacks Browser Sessions to Target Brazil’s Biggest Banks Read More »