Tag: android
-
ThreatsDay Bulletin: $15B Crypto Bust, Satellite Spying, Billion-Dollar Smishing, Android RATs & More
The online world is changing fast. Every week, new scams, hacks, and tricks show how easy it’s become to turn everyday technology into a weapon. Tools made to help us work, connect, and stay safe are now being used to steal, spy, and deceive.Hackers don’t always break systems anymore, they use them. They hide inside…
-
GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware
A new trend of Android malware is sweeping across India, leveraging the guise of Regional Transport Office (RTO) apps to steal financial data, mine cryptocurrency, and exfiltrate SMS messages, all while secretly registering infected devices through Telegram bots. Known as GhostBat RAT, this new malware campaign has recently resurfaced. First seen on thecyberexpress.com Jump to article:…
-
GhostBat RAT Returns with Fake RTO Apps Targeting Indian Android Users with Telegram Bot-Driven Malware
A new trend of Android malware is sweeping across India, leveraging the guise of Regional Transport Office (RTO) apps to steal financial data, mine cryptocurrency, and exfiltrate SMS messages, all while secretly registering infected devices through Telegram bots. Known as GhostBat RAT, this new malware campaign has recently resurfaced. First seen on thecyberexpress.com Jump to article:…
-
GhostBat RAT Android Malware Poses as Fake RTO Apps to Steal Banking Data from Indian Users
The GhostBat RAT campaign leverages diverse infection vectors”, WhatsApp, SMS with shortened URLs, GitHub-hosted APKs, and compromised websites”, to distribute malicious Android droppers. Once installed, these droppers employ multi-stage workflows, deliberate ZIP header manipulation, and heavy string obfuscation to evade antivirus detection and reverse”engineering. The threat actors utilize native libraries (.so) to dynamically resolve API…
-
GhostBat RAT Android Malware Poses as Fake RTO Apps to Steal Banking Data from Indian Users
The GhostBat RAT campaign leverages diverse infection vectors”, WhatsApp, SMS with shortened URLs, GitHub-hosted APKs, and compromised websites”, to distribute malicious Android droppers. Once installed, these droppers employ multi-stage workflows, deliberate ZIP header manipulation, and heavy string obfuscation to evade antivirus detection and reverse”engineering. The threat actors utilize native libraries (.so) to dynamically resolve API…
-
Pixnapping Attack Hijacks Google Authenticator 2FA Codes in Under 30 Seconds
Security researchers have unveiled a sophisticated new attack technique dubbed >>Pixnapping
-
Pixnapping Attack Lets Attackers Steal 2FA on Android
The proof-of-concept exploit allows an attacker to steal sensitive data from Gmail, Google Accounts, Google Authenticator, Google Maps, Signal, and Venmo. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/pixnapping-attack-attackers-2fa-android
-
New Android Pixnapping attack steals MFA codes pixel-by-pixel
A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing them to derive the content. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-android-pixnapping-attack-steals-mfa-codes-pixel-by-pixel/
-
#Pixnapping: Android Timing Attack Sends Google Back to the Drawing Board
If at first you don’t succeed: Researchers discover a new way to steal secrets from Android apps. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/pixnapping-android-attack-richixbw/
-
New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions
Tags: 2fa, android, attack, authentication, data, exploit, flaw, google, group, mfa, side-channel, vulnerabilityAndroid devices from Google and Samsung have been found vulnerable to a side-channel attack that could be exploited to covertly steal two-factor authentication (2FA) codes, Google Maps timelines, and other sensitive data without the users’ knowledge pixel-by-pixel.The attack has been codenamed Pixnapping by a group of academics from the University of California (Berkeley), University of…
-
Hackers can steal 2FA codes and private messages from Android phones
Malicious app required to make “Pixnapping” attack work requires no permissions. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/no-fix-yet-for-attack-that-lets-hackers-pluck-2fa-codes-from-android-phones/
-
Hackers can steal 2FA codes and private messages from Android phones
Malicious app required to make “Pixnapping” attack work requires no permissions. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/no-fix-yet-for-attack-that-lets-hackers-pluck-2fa-codes-from-android-phones/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66
Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerabilitySecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66
Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerabilitySecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 66
Tags: android, cve, cyber, exploit, extortion, international, malware, ransomware, russia, spyware, vulnerabilitySecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ransomware and Cyber Extortion in Q3 2025 Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability XWorm V6: Exploring Pivotal Plugins ClayRat: A New Android Spyware Targeting Russia Security Evaluation of Android apps…
-
Cybercrime ring GXC Team dismantled in Spain, 25-year-old leader detained
Spain’s Guardia Civil dismantled the cybercrime group “GXC Team” and arrested its 25-year-old Brazilian leader. Spanish Guardia Civil dismantled the “GXC Team” cybercrime group, arresting its 25-year-old Brazilian leader “GoogleXcoder.” The gang sold AI-powered phishing kits, Android malware, and voice-scam tools via Telegram and Russian forums, becoming a major supplier of credential theft tools in…
-
ClayRat Android Malware Masquerades as WhatsApp Google Photos
ClayRat, a rapidly evolving Android spyware campaign, has surged in activity over the past three months, with zLabs researchers observing more than 600 unique samples and 50 distinct droppers. Primarily targeting Russian users, the malware masquerades as popular applications such as WhatsApp, Google Photos, TikTok, and YouTube, luring victims into installing malicious APKs via deceptive…
-
New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube
A new Android spyware called ClayRat is luring potential victims by posing as popular apps and services like WhatsApp, Google Photos, TikTok, and YouTube. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-android-spyware-clayrat-imitates-whatsapp-tiktok-youtube/
-
ClayRat campaign uses Telegram and phishing sites to distribute Android spyware
ClayRat Android spyware targets Russian users via fake Telegram channels and phishing sites posing as popular apps like WhatsApp and YouTube. The ClayRat Android spyware campaign targets Russian users via fake Telegram channels and phishing sites posing as popular apps like Google Photos, WhatsApp, TikTok, YouTube. Zimperium named the spyware ClayRat after its C2 server,…
-
ClayRat campaign uses Telegram and phishing sites to distribute Android spyware
ClayRat Android spyware targets Russian users via fake Telegram channels and phishing sites posing as popular apps like WhatsApp and YouTube. The ClayRat Android spyware campaign targets Russian users via fake Telegram channels and phishing sites posing as popular apps like Google Photos, WhatsApp, TikTok, YouTube. Zimperium named the spyware ClayRat after its C2 server,…
-
Fake TikTok and WhatsApp Apps Infect Android Devices with ClayRat Spyware
Zimperium’s zLabs warns of ClayRat, a fast-spreading Android spyware targeting Russia. It hides in fake apps like TikTok and steals texts, calls records, and camera photos. First seen on hackread.com Jump to article: hackread.com/fake-tiktok-whatsapp-apps-android-clayrat-spyware/
-
New ClayRat Spyware Targets Android Users via Fake WhatsApp and TikTok Apps
A rapidly evolving Android spyware campaign called ClayRat has targeted users in Russia using a mix of Telegram channels and lookalike phishing websites by impersonating popular apps like WhatsApp, Google Photos, TikTok, and YouTube as lures to install them.”Once active, the spyware can exfiltrate SMS messages, call logs, notifications, and device information; taking photos with…
-
ClayRat spyware turns phones into distribution hubs via SMS and Telegram
Fighting a self-spreading spyware: Experts say combating ClayRat requires both technical hardening and behavioral hygiene.”Security teams should enforce a layered mobile security posture that reduces installation paths, detects compromise, and limits blast radius,” said Jason Soroko, Senior Fellow at Sectigo. He recommends blocking sideloading through Android Enterprise policy, deploying mobile threat defense integrated with endpoint…
-
ClayRat Spyware Campaign Targets Android Users in Russia
A new ClayRat spyware campaign has been observed targeting Russian users via fake apps on Telegram and exfiltrating data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/clayrat-spyware-targets-android/
-
Unlocking the Future: What Android Screen Unlocking Reveals About Next-Gen IAM
Forgot your Android password, PIN, or pattern? Discover how Dr.Fone Screen Unlock helps you regain access but also where Identity and Access Management (IAM) is headed. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/unlocking-the-future-what-android-screen-unlocking-reveals-about-next-gen-iam/
-
Unlocking the Future: What Android Screen Unlocking Reveals About Next-Gen IAM
Forgot your Android password, PIN, or pattern? Discover how Dr.Fone Screen Unlock helps you regain access but also where Identity and Access Management (IAM) is headed. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/unlocking-the-future-what-android-screen-unlocking-reveals-about-next-gen-iam/
-
Windows und Android: Google schließt schwerwiegende Lücken in Chrome
Ein Pufferüberlauf in Chrome für Windows, MacOS, Linux und Android erlaubt unter Umständen eine Remotecodeausführung. First seen on golem.de Jump to article: www.golem.de/news/windows-und-android-google-schliesst-schwerwiegende-luecken-in-chrome-2510-200916.html
-
Spyware Disguised as Signal and ToTok Apps Targets UAE Android Users
ESET warns of fake Signal and ToTok apps spreading Android spyware in the UAE, stealing contacts, messages, and chat backups from users. First seen on hackread.com Jump to article: hackread.com/spyware-fake-signal-totok-apps-uae-android-users/
-
Steam and Microsoft warn of Unity flaw exposing gamers to attacks
A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on Windows. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/steam-and-microsoft-warn-of-unity-flaw-exposing-gamers-to-attacks/
-
New ‘Fully Undetectable’ Android RAT Discovered on GitHub
Hosted at the repository “Huckel789/Android-RAT,” this fully undetectable (FUD) RAT is designed to evade antivirus detection permanently, maintain persistence in battery-optimized environments, and deliver a feature-rich command-and-control (C2C) experience entirely from a web interface. This Android RAT sets itself apart by eliminating the traditional requirement for a desktop or laptop in the attack chain. A…

