Cisco Talos has observed a new wave of Delphi malware called Micropsia developed and operated by the Arid Viper APT group since 2017.
This campaign targets Palestinian entities and activists using politically themed lures. The latest iteration of the implant contains multiple RAT and information-gathering capabilities.…
Tag: ANDROID
In our previous article “Mobile banking fraud: BRATA strikes again” we described how threat actors (TAs) leverage the Android banking trojan BRATA to perpetrate fraud via unauthorized wire transfers.
In this article, we present further insights on how BRATA is evolving in terms of both new targets and new features, such as:
Capability to perform the device factory reset: it appears that TAs are leveraging this feature to erase any trace, right after an unauthorized wire transfer attempt.…
We investigated the most recent activities of APT36, also known as Earth Karkaddan, a politically motivated advanced persistent threat (APT) group, and discuss its use of CapraRAT, an Android RAT with clear similarities in design to the group’s favored Windows malware, Crimson RAT.
APT36, also known as Earth Karkaddan, a politically motivated advanced persistent threat (APT) group, has historically targeted Indian military and diplomatic resources.…
Donot Team (also known as APT-C-35 and SectorE02) is a threat actor operating since at least 2016 and known for targeting organizations and individuals in South Asia with Windows and Android malware. A recent report by Amnesty International links the group’s malware to an Indian cybersecurity company that may be selling the spyware or offering a hackers-for-hire service to governments of the region.…
Authored by: Wenfeng Yu
The McAfee Mobile Research team recently discovered a new piece of malware that specifically steals Google, Facebook, Twitter, Telegram and PUBG game accounts. This malware hides in a game assistant tool called “DesiEsp”, an assistant tool for the PUBG game that is available on GitHub.…
Recently, the McAfee Mobile Research Team uncovered several new variants of the Android malware family BRATA being distributed in Google Play, ironically posing as app security scanners.
These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, yet instead of updating the app in question, they take full control of the device by abusing accessibility services.…
If you are an Android user and you have the app Talking Tom 3, Smart Touch, or Privacy Lock, then you should be wary.
FireEye, a security and cyber-attack firm, tracked down new mobile malware that is a threat in more than 20 countries worldwide.
Kemoge, Android malware that can be installed via ads, poses a security threat.…
Security researchers at ESET have discovered the first malware that could allow an attacker to reset the PIN of anyone’s phone to permanently lock them out of their own device. “This ransomware also uses a nasty trick to obtain and preserve Device Administrator privileges so as to prevent uninstallation.…
A fake virus alert is a technique used by cybercriminals to trick users into thinking their system has a virus and then tell them to install or buy fake applications, sometimes redirecting them to spam websites.
A new fake virus alert spotted by the Malwarebytes team tells users that their device is infected by a dangerous virus created by Chinese hackers.…