Security News

Android Users Beware: New Hook Malware with RAT Capabilities Emerges
2023-01-19 13:27

The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new capabilities to access files stored in the devices and create a remote interactive session. ThreatFabric, in a report shared with The Hacker News, characterized Hook as a novel ERMAC fork that's advertised for sale for $7,000 per month while featuring "All the capabilities of its predecessor."

Android TV box on Amazon came pre-installed with malware
2023-01-12 20:41

A Canadian system administrator discovered that an Android TV box purchased from Amazon was pre-loaded with persistent, sophisticated malware baked into its firmware. The device in question is the T95 Android TV box with an AllWinner T616 processor, widely available through Amazon, AliExpress, and other big e-commerce platforms.

StrongPity Hackers Distribute Trojanized Telegram App to Target Android Users
2023-01-10 16:40

The advanced persistent threat group known as StrongPity has targeted Android users with a trojanized version of the Telegram app through a fake website that impersonates a video chat service called Shagle. "A copycat website, mimicking the Shagle service, is used to distribute StrongPity's mobile backdoor app," ESET malware researcher Lukáš Štefanko said in a technical report.

StrongPity hackers target Android users via trojanized Telegram app
2023-01-10 15:30

The StrongPity APT hacking group is distributing a fake Shagle chat app that is a trojanized version of the Telegram for Android app with an added backdoor. Once installed, this app enables the hackers to conduct espionage on the targeted victims, including monitoring phone calls, collecting SMS texts, and grabbing contact lists.

Hackers target Android users with fake Shagle video-chat app
2023-01-10 15:30

The StrongPity APT hacking group is distributing a fake Shagle chat app that is a trojanized version of the Telegram for Android app with an added backdoor. Once installed, this app enables the hackers to conduct espionage on the targeted victims, including monitoring phone calls, collecting SMS texts, and grabbing contact lists.

Darknet drug markets move to custom Android apps for increased privacy
2023-01-09 20:13

Online markets selling drugs and other illegal substances on the dark web have started to use custom Android apps for increased privacy and to evade law enforcement. These apps allow shop clients to communicate with drug vendors and provide specific courier instructions for delivery.

SpyNote Android malware infections surge after source code leak
2023-01-05 15:17

The Android malware family tracked as SpyNote has had a sudden increase in detections in the final quarter of 2022, which is attributed to a source code leak of one of its latest, known as 'CypherRat. Threat actors quickly snatched the malware's source code and launched their own campaigns.

SpyNote Strikes Again: Android Spyware Targeting Financial Institutions
2023-01-05 11:05

Financial institutions are being targeted by a new version of Android malware called SpyNote at least since October 2022. "This has helped other actors [in] developing and distributing the spyware, often also targeting banking institutions."

Samsung and Google fix Microsoft Intune Android 13 enrollment issue
2022-12-21 22:44

Microsoft has confirmed today that Samsung and Google have fixed an Intune enrollment issue affecting Galaxy S22 smartphones running Android 13. On affected S22 devices, Android users cannot complete enrollment if they create a Work Profile for Bring Your Own Device provisioning.

GodFather Android Banking Trojan Targeting Users of Over 400 Banking and Crypto Apps
2022-12-21 09:16

An Android banking trojan known as GodFather is being used to target users of more than 400 banking and cryptocurrency apps spanning across 16 countries. This includes 215 banks, 94 crypto wallet providers, and 110 crypto exchange platforms serving users in the U.S., Turkey, Spain, Italy, Canada, and Canada, among others, Singapore-headquartered Group-IB said in a report shared with The Hacker News.