Mobile Threats

Android Trojan ‘Fantasy Hub’ Turns Telegram into a Malware Service Hub for Hackers

A sophisticated new Android Remote Access Trojan (RAT) named “Fantasy Hub” is being marketed as Malware-as-a-Service (MaaS) on Russian-speaking Telegram channels. This malware provides attackers with comprehensive control over infected devices, posing a direct threat to both individual mobile banking users and enterprises with Bring Your Own Device (BYOD) policies. A Professionalized Cybercrime Service Fantasy […]

Android Trojan ‘Fantasy Hub’ Turns Telegram into a Malware Service Hub for Hackers Read More »

Zero-Click Samsung Flaw Used to Deliver LANDFALL Android Spyware Through WhatsApp

A critical security vulnerability in Samsung Galaxy Android devices was exploited as a zero-day to deploy a sophisticated commercial-grade spyware known as LANDFALL. The targeted attacks, focused in the Middle East, used a specially crafted image file sent through WhatsApp to compromise devices without any user interaction. The Exploited Vulnerability and Its Patch The flaw,

Zero-Click Samsung Flaw Used to Deliver LANDFALL Android Spyware Through WhatsApp Read More »

Researchers Discover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Information

Cybersecurity researchers have exposed two sophisticated Android trojans, BankBot-YNRK and DeliveryRAT, which are actively stealing sensitive financial information from users worldwide. These malware families employ advanced evasion techniques and abuse core phone functionalities to commit fraud and data theft on a significant scale. BankBot-YNRK: A Highly Evasive Banking Trojan Analyzed by CYFIRMA, BankBot-YNRK is a dangerous malware

Researchers Discover BankBot-YNRK and DeliveryRAT Android Trojans Stealing Financial Information Read More »

Google’s Built-In AI Defenses on Android Now Block 10 Billion Scam Messages Monthly

In a significant demonstration of its proactive security measures, Google has announced that its built-in scam defenses on the Android platform are now protecting users from over 10 billion suspected malicious calls and messages every single month. This massive filtering effort is powered by on-device artificial intelligence, creating a formidable barrier against modern digital fraud.

Google’s Built-In AI Defenses on Android Now Block 10 Billion Scam Messages Monthly Read More »

New Android Trojan ‘Herodotus’ Evades Anti-Fraud Systems by Mimicking Human Typing Behavior

Security researchers have uncovered a new Android banking trojan, named Herodotus, which is being used in active campaigns targeting users in Italy and Brazil. The malware aims for device takeover, or DTO, and stands out because it deliberately mimics human typing patterns to evade timing-based, behaviour-only anti-fraud systems. What Herodotus is, and where it came

New Android Trojan ‘Herodotus’ Evades Anti-Fraud Systems by Mimicking Human Typing Behavior Read More »

GhostBat RAT Masquerades as Fake RTO Android Apps to Steal Banking Data from Indian Users

A new, persistent Android campaign, attributed to GhostBat RAT, impersonates Regional Transport Office, RTO, applications to steal banking data from Indian users. Attackers distribute malicious droppers through WhatsApp, SMS with shortened URLs, GitHub hosted APKs, and compromised websites, then use multi stage loading, ZIP header manipulation, native libraries, and extensive string obfuscation to avoid detection

GhostBat RAT Masquerades as Fake RTO Android Apps to Steal Banking Data from Indian Users Read More »

ClayRat Spyware Targets Android Users Using Fake WhatsApp, TikTok Apps

A sophisticated Android spyware campaign, known as ClayRat, has been actively targeting users in Russia by exploiting fake apps and deceptive websites. The threat actors are impersonating widely-used apps such as WhatsApp, TikTok, Google Photos, and YouTube to trick victims into installing malware. According to Zimperium researcher Vishnu Pratapagiri, once installed, ClayRat can collect SMS messages, call

ClayRat Spyware Targets Android Users Using Fake WhatsApp, TikTok Apps Read More »

Proof of Concept Exploit Released for Nothing Phone Remote Code Execution Vulnerability

A proof of concept exploit, called Fenrir and published by researcher R0rt1z2, has been released for a critical weakness in the secure boot chain used by the Nothing Phone (2a) and CMF Phone 1, and likely present in other devices using MediaTek system on chips. The exploit lets an attacker run code at the highest

Proof of Concept Exploit Released for Nothing Phone Remote Code Execution Vulnerability Read More »

Researchers Alert on SORVEPOTEL, a Self-Spreading Malware Targeting WhatsApp Users

A newly discovered malware campaign is targeting WhatsApp users in Brazil, spreading rapidly through phishing techniques. The malware, named SORVEPOTEL by Trend Micro researchers, is designed for fast propagation rather than data theft or ransomware. The attack begins when compromised WhatsApp accounts send phishing messages containing malicious ZIP file attachments. These files often appear as

Researchers Alert on SORVEPOTEL, a Self-Spreading Malware Targeting WhatsApp Users Read More »

Android Spyware Masquerades as Signal Encryption Plugin and ToTok Pro, Users at Risk

Cybersecurity experts have uncovered two dangerous Android spyware campaigns known as ProSpy and ToSpy, targeting users in the United Arab Emirates (U.A.E.). These malicious campaigns disguise themselves as popular apps such as Signal Encryption Plugin and ToTok Pro to trick unsuspecting victims into installing spyware on their devices. Fake Apps and Distribution Tactics According to

Android Spyware Masquerades as Signal Encryption Plugin and ToTok Pro, Users at Risk Read More »