A malicious threat group has used a malicious APK package to target Indian defence personnel with Android devices. The package contains a decoy copy of a promotion letter to lure the targeted employees. Once the victim is baited by the compromised APK and installs it, the app will appear as an Adobe Reader app icon...Continue Reading
The newly discovered SandStrike spyware uses a compromised VPN app to infect Android users in a new cybercriminal campaign. An investigation revealed that the spyware operators focus their attacks against a religion created in Iran and its branches in the Middle East. The threat actors are propagating their malware through a malicious VPN application that...Continue Reading
Four malicious Android applications are currently downloadable from the Google Play Store. According to researchers, these apps redirect Android users to websites that could steal information or generate pay-per-click revenue for the app developers. Some of the landing pages from the Android apps offered victims to download fake updates or security tools, to deceive the...Continue Reading
A group of unidentified threat actors has created the new Clicker malware that infected about 20 million Android users worldwide. Based on reports, the malware has infiltrated the Google Play Store by hiding behind 16 different compromised apps. According to researchers, the Clicker Android malware has managed to get inside the Google Play Store by...Continue Reading
Latest cybersecurity discoveries reveal that an unofficial WhatsApp messaging application called ‘YoWhatsApp’ has been stealing access keys for user accounts, posing massive security risks. The malicious app works the same way as any instant messaging app and uses the same access permissions as the official WhatsApp app. However, YoWhatsApp has added features, such as interface...Continue Reading
Security researchers have recently spotted a state-backed threat group from Iran, APT42, that uses custom Android spyware to perform surveillance on victims and steal data for intelligence. The threat group’s initial campaigns reach back to 2015, with operations involving spear-phishing attacks against their targets, including government institutions, law enforcement agencies, journalists, academics, and Iranian protesters....Continue Reading
After months of hiding after being removed from the popular mobile app marketplace, Google Play, the SharkBot malware returns with an upgraded version to target Android users and steal their banking login credentials through malware-infected applications available on the app store. Reports revealed that two of the detected SharkBot-infected applications had initially passed Google’s automatic...Continue Reading
Researchers from Microsoft have found a TikTok Android vulnerability that enables a threat actor to take over an account with one click by deceiving targets into accessing a specially crafted link. According to Microsoft’s security team, the threat actors could have exploited the flaw of hijacking an account without the user’s awareness if a target...Continue Reading
Further details were shared about the recently identified Android spyware variant dubbed ‘Dracarys’ that the Bitter APT (advanced persistent threat) group utilises in their campaigns against several countries, including India, Pakistan, New Zealand, and the UK. In this year’s Q2, Meta first gave specifics of the Dracarys Android spyware on their adversarial threat report and...Continue Reading
Many reports about Android apps being loaded with adware and malicious codes have been documented recently. These malware-infected applications have over 10 million installations on people’s Android devices. Recent research shows numerous compromised mobile applications spoof utility tools such as virtual keyboards, system optimisers, image-editing tools, and wallpaper editors on the official Google Play Store....Continue Reading
