Security News
New FluBot and TeaBot malware distribution campaigns have been spotted, using typical smishing lures or laced apps against Android users in Australia, Germany, Poland, Spain, and Romania. TeaBot is a different Android banking trojan discovered in January 2021 and has a global reach.
Researchers have discovered a raft of active campaigns delivering the Flubot and Teabot trojans through a variety of delivery methods, with threat actors using smishing and malicious Google Play apps to target victims with fly-by attacks in various regions across the globe. Researchers from Bitdefender Labs said they have intercepted more than 100,000 malicious SMS messages trying to distribute Flubot malware since the beginning of December, according to a report published Wednesday.
New variants of the BRATA banking trojan have been targeting global Android devices since November with advanced features, including the ability to wipe devices after stealing user data, tracking devices via GPS, and novel obfuscation techniques, researchers have found. The Cleafy team has identified three new variants of BRATA that have been delivered via two new waves of samples in the last few months, researchers reported.
The Android malware known as BRATA has added new and dangerous features to its latest version, including GPS tracking, the capacity to use multiple communication channels, and a function that performs a factory reset on the device to wipe all traces of malicious activity. Analysts at Cleafy continued to monitor BRATA for new features, and in a new report published today, illustrate how the malware continues to evolve.
Google has finally rolled out an option on Android allowing users to disable 2G connections, which come with a host of privacy and security problems exploited by cell-site simulators. While Google has given Android users the option not to allow 2G cellular connections on their device, the setting is turned on by default.
Mozilla's Firefox Focus web browser can now protect Android users against cross-site tracking while browsing the Internet by preventing cookies from being used for advertising and monitoring your activity. "We're bringing it to Firefox Focus on Android, our simple, privacy by default companion app. Firefox Focus on Android will be the first Firefox mobile browser to have Total Cookie Protection," Mozilla said today.
Samsung's official Android app store, called the Galaxy Store, has had an infiltration of riskware apps that triggered multiple Play Protect warnings on people's devices. Scammers bet on the popularity of the pirate app, and indeed their cloned apps enjoyed a welcoming reception by the Samsung user community.
Researchers have discovered a new Android banking malware that targets Brazil's Itaú Unibanco with the help of lookalike Google Play Store pages to carry out fraudulent financial transactions on victim devices without their knowledge. "The has created a fake Google Play Store page and hosted the malware that targets Itaú Unibanco on it under the name 'sincronizador.apk.'".
Researchers have discovered a new Android banking malware that targets Brazil's Itaú Unibanco with the help of lookalike Google Play Store pages to carry out fraudulent financial transactions on victim devices without their knowledge. "The has created a fake Google Play Store page and hosted the malware that targets Itaú Unibanco on it under the name 'sincronizador.apk.'".
The actors have set up a page that looks very close to Android's official Google Play app store to trick visitors into thinking they are installing the app from a trustworthy service. The malware pretends to be the official banking app for Itaú Unibanco and features the same icon as the legitimate app.