[analysis] PlayPraetor trojan spreads through fake Play Store pages to steal user data
https://cdn.prod.website-files.com/66fbdb04ee8bb0436308fc15/67c83686e642fa846565699c_CTM360%20Report_%20PlayPraetor%20Trojan%20-%20Clear%20TLP.pdf
KoSpy: New Android spyware discovered on the Google Play Store, operated by a North Korean threat actor and attributed to APT37.
KoSpy app is still available on alternative app stores.
https://www.lookout.com/threat-intelligence/article/lookout-discovers-new-spyware-by-north-korean-apt37
Lookout
Lookout Discovers North Korean APT37 Mobile Spyware | Threat Intel
Lookout researchers have discovered a novel Android surveillance tool dubbed KoSpy. It is attributed to APT 37 aka ScarCruft.
Android Banking Trojan – OctoV2, masquerading as Deepseek AI
https://labs.k7computing.com/index.php/android-banking-trojan-octov2-masquerading-as-deepseek-ai/
K7 Labs
The world is moving from human reality to artificial reality aka advanced artificial intelligence (AI). In January 2025, Deepseek, an […]
It works! The first real smartwatch with Wi-Fi injection, capturing a WPA2 handshake! Using Kali NetHunter running the Hijacker app on a TicWatch Pro 3 smartwatch. All of that is possible thanks to @yesimxev, one of the NetHunter developers! Video credits to @yesimxev (X)
https://www.instagram.com/reel/DHK8eahN2IZ/
🚨 Android Threat Hunters, Your Job Just Got Easier!
ANY.RUN has just released a brand-new OS designed for real-time Android threat analysis inside a secure sandbox environment.
Now, businesses and security teams can:
✅ Detect Android threats faster
🔍 Investigate APK behavior in real time
⚡ Speed up incident response
💰 Reduce cybersecurity costs
Best part? It’s available for all plans—even FREE users!
👉 Try now: https://goo.su/GH7WO
Vapor malware: Hundreds of Malicious Google Play-Hosted Apps Bypassed Android 13 Security With Ease
Blog: https://www.bitdefender.com/en-us/blog/labs/malicious-google-play-apps-bypassed-android-security
PDF report: https://go.integralads.com/rs/469-VBI-606/images/AMER_VAPOR_THREAT_REPORT_IAS.pdf
Bitdefender Labs
Hundreds of Malicious Google Play-Hosted Apps Bypassed Android 13 Security With Ease
Bitdefender's security researchers have found a huge ad fraud campaign with hundreds of malicious apps in the Google Play Store
Analysis of Paragon’s Graphite spyware operations misusing a WhatsApp zero-click exploit
https://citizenlab.ca/2025/03/a-first-look-at-paragons-proliferating-spyware-operations/
Looks like there is demand for Telegram RCE exploits
https://techcrunch.com/2025/03/21/russian-zero-day-seller-is-offering-up-to-4-million-for-telegram-exploits/
Safari 1day RCE Exploit
Confirmed exploit works on macOS 13.3.1, iOS 15.8.2.
https://github.com/wh1te4ever/WebKit-Bug-256172/tree/ios-arm64
New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI (new Xamarin)
https://www.mcafee.com/blogs/other-blogs/mcafee-labs/new-android-malware-campaigns-evading-detection-using-cross-platform-framework-net-maui/
McAfee Blog
New Android Malware Campaigns Evading Detection Using Cross-Platform Framework .NET MAUI | McAfee Blog
Authored by Dexter Shin. Summary: Cybercriminals are constantly evolving their techniques to bypass security measures. Recently, the McAfee Mobile
A Blueprint of Android Activity Lifecycle
https://8ksec.io/a-blueprint-of-android-activity-lifecycle/
8kSec - 8kSec is a cybersecurity research & training company. We provide high-quality training & consulting services.
A Blueprint of Android Activity Lifecycle - 8kSec
Introduction: The Android Activity lifecycle is a sequence of state changes and callbacks that every Android Activity goes through from creation to destruction. Understanding the Android Activity lifecycle is important not only for developers aiming to build…
APT36 Mimics India Post Website to Spread Malware to Windows and Android Users
https://www.cyfirma.com/research/turning-aid-into-attack-exploitation-of-pakistans-youth-laptop-scheme-to-target-india/
CYFIRMA
TURNING AID INTO ATTACK: EXPLOITATION OF PAKISTAN'S YOUTH LAPTOP SCHEME TO TARGET INDIA - CYFIRMA
Executive summary: In this report, CYFIRMA examines the tactics employed by a Pakistan-based APT group, assessed with medium confidence as...
PJobRAT makes a comeback, takes another crack at chat apps
https://news.sophos.com/en-us/2025/03/27/pjobrat-makes-a-comeback-takes-another-crack-at-chat-apps/
Sophos
Sophos X-Ops uncovers a recent campaign from an Android RAT first seen in 2019 – now infecting users in Taiwan
Feberis Pro: I have tested a new 4-in-1 Expansion Board for Flipper Zero
https://www.mobile-hacker.com/2025/03/31/feberis-pro-the-ultimate-4-in-1-expansion-board-for-flipper-zero/
Mobile Hacker
Feberis Pro: The Ultimate 4-in-1 Expansion Board for Flipper Zero
In a previous blog post, I introduced Feberis, a versatile expansion board that enhanced the capabilities of the Flipper Zero by offering additional communication protocols. Now, I am excited to dive into the newly released Feberis Pro, a next-generation…
Exposing Crocodilus: New Device Takeover Malware Targeting Android Devices
https://www.threatfabric.com/blogs/exposing-crocodilus-new-device-takeover-malware-targeting-android-devices
ThreatFabric
ThreatFabric analysts discovered a new Device-Takeover Android banking Trojan equipped with remote access, black screen overlays, and advanced credential theft capabilities.
TsarBot: A New Android Banking Trojan Targeting Over 750 Banking, Finance, and Cryptocurrency Applications
https://cyble.com/blog/tsarbot-using-overlay-attacks-targeting-bfsi-sector/
Cyble
TsarBot Trojan Hits 750+ Banking & Crypto Apps!
Beware of TsarBot! This Android banking Trojan spreads via phishing, steals credentials, and hijacks devices. Stay safe with our latest insights.
'Lucid' Phishing Platform Targets iOS and Android Users with SMS Attacks
https://catalyst.prodaft.com/public/report/lucid/overview
Detailed Analysis of DocSwap Malware Disguised as Security Document Viewer operated by Kimsuky APT
https://medium.com/s2wblog/detailed-analysis-of-docswap-malware-disguised-as-security-document-viewer-218a728c36ff
Medium
Detailed Analysis of DocSwap Malware Disguised as Security Document Viewer
Author: HyeongJun Kim | S2W TALON
Salvador Stealer: New Android Malware That Phishes Banking Details & OTPs
https://any.run/cybersecurity-blog/salvador-stealer-malware-analysis/
ANY.RUN's Cybersecurity Blog
Salvador Stealer: Analysis of New Mobile Banking Malware
Discover detailed analysis of Salvador Stealer, a new Android malware targeting users of mobile banking apps.
[pdf] DVa: Extracting Victims and Abuse Vectors from Android Accessibility Malware
https://www.usenix.org/system/files/sec24summer-prepub-136-xu-haichuan.pdf
Android Malware Disguised as Government Alerts distributed in India via WhatsApp
https://blogs.quickheal.com/beware-malicious-android-malware-disguised-as-government-alerts/
Quick Heal Blog
Beware: Malicious Android Malware Disguised as Government Alerts.
In our high-tech world, sneaky cyber threats can pop up anywhere. Lately, we’ve spotted sneaky malware on Android...