Tag: android
-
Thousands of Android devices compromised with AntiDot malware
First seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-android-devices-compromised-with-antidot-malware
-
New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC Theft
Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. “Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns,” PRODAFT…
-
AntiDot 31 Android Botnet Malware Grants Attackers Full Control Over Victim Devices
A new Android botnet malware named AntiDot has emerged as a formidable threat, granting cybercriminals unprecedented control over infected devices. Operated and sold by LARVA-398 as a Malware-as-a-Service (MaaS) on underground forums like XSS, AntiDot is marketed as a “3-in-1…
-
Via Virtualization: Dangerous Android Malware Steals Data from Banking Apps
A malware called Godfather targets nearly 500 different banking and crypto apps. Virtualization provides the perfect camouflage. First seen on golem.de Jump to article: www.golem.de/news/per-virtualisierung-gefaehrliche-android-malware-stiehlt-daten-aus-banking-apps-2506-197317.html
-
GodFather Android Malware Uses On-Device Virtualization to Hijack Legitimate Banking Apps
Zimperium zLabs has uncovered a highly advanced iteration of the GodFather Android banking malware, which employs a groundbreaking on-device virtualization technique to compromise legitimate mobile banking and cryptocurrency applications. Unlike traditional overlay attacks that merely mimic login screens, this malware creates a fully isolated virtual environment on the victim’s device, enabling attackers to monitor and…
-
Godfather Android malware now uses virtualization to hijack banking apps
A new version of the Android malware “Godfather” creates isolated virtual environments on mobile devices to steal account data and transactions from legitimate banking apps. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/godfather-android-malware-now-uses-virtualization-to-hijack-banking-apps/
-
Android Spyware SpyNote Masquerading as Google Translate Found in Open Directories
Our team stumbled upon a disturbing array of SpyNote spyware samples lurking in open directories across the internet. These misconfigured digital repositories, often overlooked as mere storage spaces, have become unwitting hosts to dangerous malware targeting Android users. Uncovering Hidden Threats in Open Digital Repositories: Disguised as legitimate applications like Google Translate, Temp Mail, and…
-
FBI Warns of BadBox 2.0 Botnet – Millions of Android Devices Shipped with Preinstalled Malware
First seen on security-insider.de Jump to article: www.security-insider.de/badbox-2-malware-auf-android-geraeten-a-b7893e69dd61db58f22c914d108f946e/
-
From cleaners to creepers: The risk of mobile privilege escalation
In this Help Net Security video, Nico Chiaraviglio, Chief Scientist at Zimperium, explores how Android apps can be abused to escalate privileges, giving attackers access to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/18/android-mobile-privilege-escalation-video/
-
Android Devices Under Siege: How Threat Actors Abuse OEM Permissions for Privilege Escalation
Threat actors are increasingly exploiting legitimate channels to achieve privilege escalation, posing a severe risk to millions of devices worldwide. While conventional exploits remain a concern, a more insidious danger emerges from applications gaining excessive system access through mechanisms such as sideloading and Original Equipment Manufacturer (OEM) permissions. These permissions, often embedded by device manufacturers…
-
No More Malicious Links: This Android App Protects You from Hidden Malware
First seen on t3n.de Jump to article: t3n.de/news/nie-wieder-schaedliche-links-diese-android-app-schuetzt-euch-vor-versteckter-malware-1692932/
-
Over 20 Malicious Google Play Apps Steal Users’ Login Credentials
A major security alert has been issued for Android users after cybersecurity researchers uncovered more than 20 malicious applications on the Google Play Store designed to steal users’ login credentials, specifically targeting cryptocurrency wallet holders. The campaign, identified by Cyble Research and Intelligence Labs (CRIL), reveals a sophisticated phishing operation that has already compromised the…
-
Google Releases Android 16: What’s New and What’s Missing
Android 16 debuts with smarter notifications, improved hearing aid support, and advanced security tools for high-risk users. It’s rolling out now to Pixel devices. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-android-16-launch-notifications-security/
-
OffensiveCon25 KernelGP: Racing Against The Android Kernel
Author/Presenter: Chariton Karamitas Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organization’s YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
OffensiveCon25 Android InWild: Unexpectedly Excavating A Kernel Exploit
Author/Presenter: Seth Jenkins Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organization’s YouTube channel. Thanks and a Tip O’ The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock…
-
Android Enterprise update puts mobile security first
Google is rolling out new Android Enterprise features aimed at improving mobile security, IT management, and employee productivity. According to Zimperium’s 2025 Global Mobile … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/10/android-enterprise-new-features-2025/
-
Android Enterprise Rolls Out Security and Productivity Updates
Android Enterprise has introduced features for mobile security, device management and user productivity in its latest update First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/android-enterprise-security-updates/
-
New Way to Covertly Track Android Users
Researchers have discovered a new way to covertly track Android users. Both Meta and Yandex were using it, but have suddenly stopped now that they have been caught. The details are interesting, and worth reading in detail: “Tracking code that Meta and Russia-based Yandex embed into millions of websites is de-anonymizing visitors by abusing legitimate…
-
Meta Bypassed Privacy Protections to Track Android Users
A recent investigation by cybersecurity researchers has revealed that tech giants Meta (formerly Facebook) and Yandex have been exploiting a fundamental design feature of the Android operating system, the ability for apps to listen on localhost ports, to covertly track users’ web activity and link it to their real identities. The discovery has raised significant…
-
FBI Warns of BADBOX 2.0 Botnet Surge in Chinese Devices
Over 1 Million Infected Off-Brand Android Devices Pose Global Fraud Risk. A China-based botnet operation called BADBOX 2.0 has infected more than 1 million off-brand Android smart devices globally. In an alert, the FBI advised consumers to check their home networks for suspicious activity that could be linked to multiple fraud schemes. First seen on…
-
FBI Warns: Millions of Android Devices Infected by BadBox 2.0 Malware
On June 5, 2025, the American FBI issued a general warning about Android devices being infected with the BadBox 2.0 malware. According to this warning, millions of Android devices must be infected. It is not the first warning about … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/07/fbi-warnt-millionen-android-geraete-durch-badbox-2-0-malware-infiziert/
-
Millions of low-cost Android devices turn home networks into crime platforms
BadBox malware has been menacing low-cost Android devices for nearly a decade. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/06/millions-of-low-cost-android-devices-turn-home-networks-into-crime-platforms/
-
BADBOX 2.0 Targets Home Networks in Botnet Campaign, FBI Warns
Though the operation was partially disrupted earlier this year, the botnet remains active and continues to target connected Android devices. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/badbox-home-networks-botnet-campaign-fbi
-
Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
Millions of Internet-of-Things (IoT) devices running the open-source version of the Android operating system are part of the Badbox 2.0 botnet, the FBI has warned. Cyber … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/06/millions-of-android-devices-roped-into-badbox-2-0-botnet-is-yours-among-them/
-
BADBOX 2.0 Malware Hits Over a Million Android Devices in Global Cyber Threat
HUMAN’s Satori Threat Intelligence and Research team, in collaboration with Google, Trend Micro, and Shadowserver, has uncovered and partially disrupted a massive cyber fraud operation named BADBOX 2.0. This operation, an evolved iteration of the original BADBOX malware disclosed in 2023, has infected over 1 million Android Open Source Project (AOSP) devices worldwide, marking it…
-
FBI: BADBOX 2.0 Android malware infects millions of consumer devices
The FBI is warning that the BADBOX 2.0 malware campaign has infected over 1 million home Internet-connected devices, converting consumer electronics into residential proxies that are used for malicious activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-badbox-20-android-malware-infects-millions-of-consumer-devices/
-
Meta and Yandex Circumvent Sandboxing and Track Users
I'll drop in a note that I came across a few days ago. Anyone who uses apps or services from Meta (Facebook & Co.) or Yandex (Russian, less widespread in the DACH region) on Android has been tracked. Security researchers have found that … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/05/android-meta-und-yandex-hebeln-sandboxing-aus-und-tracken-nutzer/
-
Meta, Yandex Covertly Tracked Billions of Android Users, According to Researcher
A report highlights how Meta and Yandex bypassed privacy and security controls to implement web-to-app tracking on Android users. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-meta-yandex-tracking-android-users/
-
Android trojan ‘Crocodilus’ hijacks accessibility settings for control
First seen on scworld.com Jump to article: www.scworld.com/news/android-trojan-crocodilus-hijacks-accessibility-settings-for-control

