The BRATA Android remote access trojan (RAT) has been spotted in Italy, with threat actors calling victims of SMS attacks to steal their online banking credentials.The variant currently in circulation is new, and according to a report by researchers at Cleafy, it can pass undetected by the vast majority of AV scanners.BRATA was previously seen in Brazil

A fake Android app is masquerading as a housekeeping service to steal online banking credentials from the customers of eight Malaysian banks.The app is promoted through multiple fake or cloned websites and social media accounts to promote the malicious APK, 'Cleaning Service Malaysia.'This app was first spotted by MalwareHunterTeam last week and was subseque

Experts found four Android banking trojans that were available on the official Google Play Store and that infected +300,000 devices. Researchers from ThreatFabric discovered four distinct Android banking trojans that were spread via the official Google Play Store between August and November 2021. According to the experts, the malware infected more than 3

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e. AndroidUpdate,, Telegram)

The Security Service of Ukraine (SSU) has arrested five members of the international 'Phoenix' hacking group who specialize in the remote hacking of mobile devices.The SSU's announcement states that all five suspects live in Kyiv or Kharkiv and are higher technical education institutes graduates.The goal of 'Phoenix' was to gain remote access to the accounts

MediaTek fixed security vulnerabilities that could have allowed attackers to eavesdrop on Android phone calls, execute commands, or elevate their privileges to a higher level.MediaTek is one of the largest semiconductor companies in the world, with their chips present in 43% of all smartphones as of the second quarter of 2021These vulnerabilities w

Researchers spotted dozens of games on Huawei’s AppGallery catalog containing the Android.Cynos.7.origin trojan. Researchers from Dr. Web AV discovered 190 games on Huawei’s AppGallery catalog (i.e. simulators, platformers, arcades, strategies, and shooters) that were containing the Android.Cynos.7.origin trojan. They estimated that the malici

A large-scale malware campaign on Huawei's AppGallery has led to approximately 9,300,000 installs of Android trojans masquerading as over 190 different apps. The trojan is detected by Dr.Web as 'Android.Cynos.7.origin' and is a modified version of the Cynos malware designed to collect sensitive user data.The discovery and report come from researchers at

The BrazKing Android banking trojan is back with significant improvements and dynamic banking overlays to avoid detection. Researchers from IBM spotted a new version of the BrazKing Android banking trojan that pull fake overlay screens from the command and control (C2) server in real-time. In the previous version, BrazKing abused the accessibility serv

​The BrazKing Android banking trojan has returned with dynamic banking overlays and a new implementation trick that enables it to operate without requesting risky permissions.A new malware sample was analyzed by IBM Trusteer researchers who found it outside the Play Store, on sites where people end up after receiving smishing (SMS) messages.These HTTPS

Security researchers from Cleafy discovered a new Android banking trojan, named SharkBot, that is targeting banks in Europe. At the end of October, researchers from cyber security firms Cleafy and ThreatFabric have discovered a new Android banking trojan named SharkBot. The name comes after one of the domains used for its command and control servers. T

Two Android apps available on the Google Play store have been found to contain malware this week.These apps are called 'Smart TV remote' and 'Halloween Coloring', with the former having been downloaded at least 1,000 times.Smart TV remote app packs 'Joker' malwareThis week, Tatyana Shishkova, Android malware analyst at Kaspersky disclosed the names of t

South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing campaign. Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated android spyware dubbed PhoneSpy. The malware already hit more than a thousan

An ongoing spyware campaign dubbed 'PhoneSpy' targets South Korean users via a range of lifestyle apps that nest in the device and silently exfiltrate data.The campaign deploys a powerful Android malware capable of stealing sensitive information from the users and taking over the device's microphone and camera.Researchers at Zimperium who discovere

Robinhood disclosed a security breach, an unidentified threat actor gained unauthorized access to approximately 7 million customer records. Robinhood Markets, Inc. is an American commission-free stock trading and investing platform, it had 18 million accounts as of March 2021, with over $80 billion in assets. The company disclosed a data breach, a threat