Tag: android
-
Google Sues 25 Chinese Entities Over BADBOX 2.0 Botnet Affecting 10M Android Devices
Google on Thursday revealed it’s pursuing legal action in New York federal court against 25 unnamed individuals or entities in China for allegedly operating BADBOX 2.0 botnet and residential proxy infrastructure.”The BADBOX 2.0 botnet compromised over 10 million uncertified devices running Android’s open-source software (Android Open Source Project), which lacks Google’s security protections,” First seen…
-
Google sues to disrupt BadBox 2.0 botnet infecting 10 million devices
Google has filed a lawsuit against the anonymous operators of the Android BadBox 2.0 malware botnet, accusing them of running a global ad fraud scheme against the company’s advertising platforms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-sues-to-disrupt-badbox-20-botnet-infecting-10-million-devices/
-
BADBOX 2.0 Found Preinstalled on Android IoT Devices Worldwide
BADBOX variant BADBOX 2.0 found preinstalled on Android IoT devices in 222 countries, turning them into proxy nodes used in fraud and large-scale malicious activity. First seen on hackread.com Jump to article: hackread.com/badbox-2-0-preinstalled-android-iot-devices-worldwide/
-
Konfety Android Malware Exploits ZIP Tricks to Masquerade as Legit Apps on Google Play
Security researchers from zLabs have discovered a more advanced version of the Konfety Android malware, which uses complex ZIP-level changes to avoid detection and mimic genuine apps on the Google Play Store, marking a dramatic increase in mobile dangers. This malware employs an >>evil-twin
-
New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code
Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud.The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign “decoy” app that’s hosted on the Google Play Store…
-
Altered Telegram App Steals Chinese Users’ Android Data
Using more than 600 domains, attackers entice Chinese-speaking victims to download a vulnerable Telegram app that is nearly undetectable on older versions of Android. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/telegram-app-chinese-users-android-data
-
Zimperium-Warnung vor Konfety-Malware: Angriffe auf Android-Mobilgeräte mittels neuer Variante
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/zimperium-konfety-malware-android-geraete
-
Fake Telegram Apps Spread via 607 Domains in New Android Malware Attack
Fake Telegram apps are being spread through 607 malicious domains to deliver Android malware, using blog-style pages and phishing tactics to trick users. First seen on hackread.com Jump to article: hackread.com/fake-telegram-apps-domains-android-malware-attack/
-
Android Malware Konfety evolves with ZIP manipulation and dynamic loading
A new Konfety Android malware variant uses a malformed ZIP and obfuscation to evade detection, posing as fake apps with no real functionality. Zimporium zLabs researchers are tracking a new, sophisticated Konfety Android malware variant that uses an >>evil-twin
-
Android malware Konfety uses malformed APKs to evade detection
A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that allow it to evade analysis and detection. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-malware-konfety-uses-malformed-apks-to-evade-detection/
-
Spyware on Androids Soars
In general, malware aimed at Androids rose 151% in February and March but a whopping increase came with the 692% jump in SMS-based malware that occurred in April and May. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/spyware-on-androids-soars/
-
Ducex Packer for Android Evades Detection with Heavy Obfuscation Techniques
The team at ANY.RUN recently reviewed a powerful Android packer called Ducex, which is linked to the infamous Triada malware, and criticized it for its sophisticated obfuscation methods. First identified within a fake Telegram app, Ducex serves as a protective shell for Triada, one of the most sophisticated Android trojans since its debut in 2016.…
-
Brave Browser For Android via F”‘Droid: Now Fully Available
Brave has taken a significant step toward empowering privacy-conscious Android users by making its browser fully available through its own F-Droid repository, providing an alternative distribution method that bypasses Google Play Store entirely. According to the recent report, this strategic move addresses growing concerns about Big Tech’s control over app distribution and offers users greater…
-
Plötzlich Vollzugriff: Angriffstechnik trickst Android-Nutzer mit Animationen aus
Tags: androidDurch eine Angriffstechnik namens Taptrap erlangen Angreifer völlig unbemerkt weitreichende Zugriffsrechte. Selbst Android 16 bietet davor keinen Schutz. First seen on golem.de Jump to article: www.golem.de/news/ploetzlich-vollzugriff-angriffstechnik-trickst-android-nutzer-mit-animationen-aus-2507-197954.html
-
Neue Malware-Welle trifft Android-Geräte
Android-Nutzer geraten erneut ins Fadenkreuz von Cyberkriminellen. Trotz Rückgängen bei bestimmten Malware-Typen bleibt die Bedrohungslage ernst auch offizielle App-Stores sind betroffen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/malware-welle-android
-
Google reveals details on Android’s Advanced Protection for Chrome
Google is sharing more information on how Chrome operates when Android mobile users enable Advanced Protection, highlighting strong security improvements. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-reveals-details-on-androids-advanced-protection-for-chrome/
-
TapTrap Android Exploit Allows Malicious Apps to Bypass Permissions
A new Android vulnerability called TapTrap that allows malicious apps to bypass the operating system’s permission system without requiring any special permissions themselves. The attack exploits activity transition animations”, a core feature of Android’s user interface”, to trick users into unknowingly granting sensitive permissions or performing destructive actions. Unlike traditional tapjacking attacks that rely on…
-
Google Launches Advanced Protection for Vulnerable Users via Chrome on Android
Google has announced the expansion of its Advanced Protection Program to Chrome on Android, providing enhanced security features specifically designed for high-risk users including journalists, elected officials, and public figures. The new device-level security setting, available on Android 16 with Chrome 137+, offers comprehensive protection against sophisticated cyber threats through three key security enhancements. The…
-
SparkKitty Malware Steals Photos from iOS and Android Devices
A sophisticated Trojan malware campaign has been targeting mobile device users across iOS and Android platforms since February 2024, with cybersecurity researchers identifying a significant escalation in photo theft capabilities that poses particular risks to cryptocurrency users and individuals storing sensitive information in their device galleries. SparkKitty represents a concerning evolution in mobile malware distribution,…
-
New Android TapTrap attack fools users with invisible UI trick
A novel tapjacking technique can exploit user interface animations to bypass Android’s permission system and allow access to sensitive data or trick users into performing destructive actions, such as wiping the device. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-android-taptrap-attack-fools-users-with-invisible-ui-trick/
-
Anatsa mobile malware returns to victimize North American bank customers
Android banking malware known as Anatsa was back for a brief but noticeable run in late June, researchers said. First seen on therecord.media Jump to article: therecord.media/anatsa-android-banking-malware-returns-north-america
-
Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play
Cybersecurity researchers have discovered an Android banking malware campaign that has leveraged a trojan named Anatsa to target users in North America using malicious apps published on Google’s official app marketplace.The malware, disguised as a “PDF Update” to a document viewer app, has been caught serving a deceptive overlay when users attempt to access their…
-
Android malware Anatsa infiltrates Google Play to target US banks
The Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than 50,000 downloads. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/android-malware-anatsa-infiltrates-google-play-to-target-us-banks/
-
Unless users take action, Android will let Gemini access third-party apps
Important changes to Android devices took effect starting Monday. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/unless-users-take-action-android-will-let-gemini-access-third-party-apps/
-
Malware Attacks on Android Devices Surge in Q2, Driven by Banking Trojans and Spyware
Dr.Web Security Space for mobile devices reported that malware activity on Android devices increased significantly in the second quarter of 2025. Adware trojans, particularly from the Android.HiddenAds family, remained the most prevalent threat, despite an 8.62% decrease in user encounters. These trojans often disguise themselves as harmless apps or hide within system directories, concealing their…
-
Qwizzserial Android Malware Masquerades as Legit Apps to Steal Banking Data and Intercept 2FA SMS
A new and alarming Android malware family, dubbed Qwizzserial, has emerged as a significant threat, particularly targeting users in Uzbekistan. Discovered by Group-IB in March 2024, this SMS stealer is designed to intercept two-factor authentication (2FA) codes and steal sensitive banking information, posing a severe risk to personal and financial security. Disguised as legitimate applications…
-
Malware Surge Hits Android: Adware, Trojans and Crypto Theft Lead Q2 Threats
Dr.Web reports Android malware surge in Q2 with adware, banking trojans and crypto theft hidden in fake apps, firmware and spyware targeting users. First seen on hackread.com Jump to article: hackread.com/android-malware-adware-trojan-crypto-theft-q2-threats/
-
Aegis Authenticator: Free, open-source 2FA app for Android
Aegis Authenticator is an open-source 2FA app for Android that helps you manage login codes for your online accounts. The app features strong encryption and the ability to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/07/aegis-2fa-authenticator-free-open-source-android/
-
Android-Smartphones: Bedrohungen nehmen sprunghaft zu
Tags: androidFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/android-smartphones-bedrohungen-zunahme-sprunghaft
-
Android May Soon Warn You About Fake Cell Towers
Plus: Iran-linked hackers threaten to release Trump campaign emails, Chinese hackers still in US telecoms networks, and an abusive deepfake website plans an expansion. First seen on wired.com Jump to article: www.wired.com/story/android-may-soon-warn-you-about-fake-cell-towers/

