HackDig : Dig high-quality web security articles

Duo of Android dropper and payload target certain countries and app users

After making its first in-the-wild appearance in March 2021, Vultur—an information-stealing RAT that runs on Android—is back. And its dropper is equally nasty. Vultur (Romanian for “vulture”) is known to target banks, cryptocurrency wallets, social media (Facebook, TikTok), and messaging services (WhatsApp, Viber) to harvest credentials using
Publish At:2022-02-01 12:46 | Read:1600 | Comments:0 | Tags:Android "2FA Authenticator" Android dropper android malware

Android malware BRATA can wipe devices

Cleafy, a cybersecurity firm specializing in online fraud, has published new details about banking Trojan BRATA (Brazilian Remote Access Tool, Android), a known malware strain that first became widespread in 2019. BRATA is now being used to perform factory resets on victims’ machines. It’s rare for malware to damage or wipe victims’ mach
Publish At:2022-02-01 08:50 | Read:1843 | Comments:0 | Tags:Android Android banking Trojan android malware android rat B

New Android banking Malware targets Brazil’s Itaú Unibanco Bank

Researchers analyzed a new Android banking malware that targets Brazil’s Itaú Unibanco that spreads through fake Google Play Store pages. Researchers from threat intelligence firm Cyble analyzed a new Android banking malware that targets Brazil’s Itaú Unibanco trying to perform fraudulent financial transactions on the legitimate Itaú Unibanco 
Publish At:2021-12-27 06:23 | Read:2807 | Comments:0 | Tags:Breaking News Cyber Crime Malware Mobile Android Android mal

Have you downloaded that Android malware from the Play Store lately?

Security researchers have discovered banking Trojan apps on the Google Play Store, and say they have been downloaded by more than 300,000 Android users. As you may know, banking Trojans are kitted for stealing banking data like your username and password, and two-factor authentication (2FA) codes that you use to login to your bank account. They also capab
Publish At:2021-12-01 08:49 | Read:1482 | Comments:0 | Tags:Android 2fa Alien Android malware Alien campaign Anatsa Andr

A week in security (Nov 15 – Nov 21)

Last week on Malwarebytes Labs Instagram’s memorialize feature abused to memorialize…Instagram’s bossEvasive manoeuvres: HTML smuggling explainedFBI server hijacked to send up to 100,000 bogus attack mailsNew Mac malware raises more questions about Apple’s security patchingSharkBot Android banking Trojan cleans users outSoNot SoSa
Publish At:2021-11-22 08:49 | Read:33 | Comments:0 | Tags:A week in security 0-day amazon Android banking Trojan andro

BrazKing Android Malware Upgraded and Targeting Brazilian Banks

Nethanella Messer and James Kilner contributed to the technical editing of this blog. IBM Trusteer researchers continually analyze financial fraud attacks in the online realms. In recent research into mobile banking malware, we delved into the BrazKing malware’s inner workings following a sample found by MalwareHunterTeam. BrazKing is an Android banki
Publish At:2021-11-17 10:05 | Read:3229 | Comments:0 | Tags:Mobile Security Application Security Banking & Finance Fraud

SoNot SoSafe: Android malware disguises itself as secure messaging app

If you haven’t heard of SoSafe Chat, you will now. This Android app, purported as a secure messaging application that uses end-to-end encryption, is the latest ruse cybercriminals put upon smartphone users, particularly those based in India, to infect their devices with GravityRAT, a piece of malicious software that is known to spy on people and steal the
Publish At:2021-11-16 12:44 | Read:2427 | Comments:0 | Tags:Android android malware GravityRAT Indian armed forces malve

PhoneSpy: The App-Based Cyberattack Snooping South Korean Citizens

Many of the malware campaigns we have detected over the last year have been global at scale, targeting anyone with little regard to their location. Recently, we discovered and began monitoring the activity behind PhoneSpy, a spyware aimed at South Korean residents with Android devices. With more than a thousand South Korean victims, the malicious group behin
Publish At:2021-11-10 07:03 | Read:4028 | Comments:0 | Tags:Android Mobile Malware Threat Research android malware phone

A week in security (Oct 4 – Oct 10)

Last week on Malwarebytes Labs Does Cybersecurity Awareness Month actually improve security?Police take a piece out of a ransomware gang, but won’t say which oneNeiman Marcus data breach affects millionsWindows 11 is out. Is it any good for security?Criminals were inside Syniverse for 5 years before anyone noticedFacebook shoots own foot, hits Instagram a
Publish At:2021-10-11 10:14 | Read:1426 | Comments:0 | Tags:Malwarebytes news 5G Android android malware Apache. firefox

GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally

With the increase of mobile device use in everyday life, it is no surprise to see cybercriminals targeting these endpoints for financial crimes. Zimperium zLabs recently discovered an aggressive mobile premium services campaign with upwards of 10 million victims globally, and the total amount stolen could be well into the hundreds of millions of Euros. Whil
Publish At:2021-09-29 09:10 | Read:2391 | Comments:0 | Tags:Android Mobile Malware android malware GriftHorse Premium SM

Joker Is Still No Laughing Matter

As one of the key members of Google’s App Defense Alliance, Zimperium helps ensure the Android ecosystem is safer by processing all apps before they reach Google Play. Despite this direct involvement, malicious applications can find their way to Android devices through various app stores, sideloaded applications, and compromises malicious websites that tric
Publish At:2021-07-13 13:12 | Read:1759 | Comments:0 | Tags:Android App Security Mobile Malware Mobile Security Mobile T

DroidMorph tool generates Android Malware Clones that

Boffins developed a tool dubbed DroidMorph that provides morphing of Android applications (APKs) and allows to create Android apps (malware/benign) clones. A group of researchers from Adana Science and Technology University (Turkey) and the National University of Science and Technology (Islamabad, Pakistan) has developed a tool dubbed DroidMorph that prov
Publish At:2021-06-22 06:10 | Read:1741 | Comments:0 | Tags:Breaking News Malware Android Android malware Cybersecurity

A week in security (May 10 – 16)

Last week on Malwarebytes Labs, we watched and reported on the Colonial Pipeline ransomware attack as developments of its story unfolded. This attack triggered the White House to refine a planned Executive Order on cybersecurity. We also profiled DarkSide, the ransomware responsible for the Colonial Pipeline attack, and the criminal gang behind it. Speaki
Publish At:2021-05-17 07:29 | Read:2072 | Comments:0 | Tags:A week in security a week in security AirTag Amazon robocall

What is Ghimob Malware?

A new Android malware strain ‘Ghimob’ is mimicking third-party mobile (mainly banking) apps to spy and steal user data when downloaded and installed. This Trojan virus steals data from users, primarily targeting online banking and cryptocurrency. As of the end of 2020, it is believed to siphon data from more than 153 apps by asking for accessibi
Publish At:2021-05-07 09:51 | Read:1587 | Comments:0 | Tags:Mobile Security Software & App Vulnerabilities Banking & Fin

Flubot vs. Zimperium

Over the past few weeks, reports of the newest aggressive malware family to impact Android devices have made the rounds. Flubot, the credential and banking malware family, uses SMS phishing techniques to propagate to its victims, purporting to be various vendors and delivery services. The group behind this aggressive malware takes advantage of a common but
Publish At:2021-05-05 12:25 | Read:2021 | Comments:0 | Tags:Android Mobile Malware Mobile Security Threat Research andro

Announce

Share high-quality web security related articles with you:)
Tell me why you support me <3

Tag Cloud