Tag: android
-
FEMITBOT Network Abuses Telegram Mini Apps for Crypto Scams and Android Malware
A massive fraud network called FEMITBOT uses Telegram Mini Apps and fake brand names like Apple, Disney, and… First seen on hackread.com Jump to article: hackread.com/femitbot-telegram-mini-apps-crypto-scam-android-malware/
-
North Koreans Spy on Defectors Via Android Game Apps
Website Popular in Korean Ethnic Enclave in China Hosts Apps Laced With a Backdoor. A North Korean hacking group has been spying on a Korean ethnic enclave in China by infiltrating the Android apps of a regional gaming platform that hosts digital card and board games. Researchers attributed the supply-chain attack to a threat actor…
-
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows
The North Korea-aligned state-sponsored hacking group known as ScarCruft has compromised a video game platform in a supply chain espionage attack, trojanizing its components with a backdoor called BirdCallto likely target ethnic Koreans residing in China.While prior versions of the backdoor have primarily targeted Windows users only, the supply chain attack is assessed to have…
-
North Korean hackers trojanize gaming platform to spy on ethnic Koreans in China
A gaming platform built for ethnic Koreans in China has been serving backdoored Windows and Android software to its users since late 2024. The platform, sqgame[.]net, hosts … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/05/china-scarcruft-supply-chain-attack/
-
ScarCruft hackers push BirdCall Android malware via game platform
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/scarcruft-hackers-push-birdcall-android-malware-via-game-platform/
-
Critical Android Zero-Click Vulnerability Enables Remote Shell Access
Google has released the Android Security Bulletin for May 2026, addressing a highly critical vulnerability that allows attackers to execute code remotely without any user interaction. Published on May 4, 2026, the latest security update focuses heavily on a severe flaw located within the Android System component. Threat actors can exploit this vulnerability to gain…
-
5 Best VPNs for Android in 2026
Explore the best VPNs for Android devices in 2026. Find out which VPN offers the best security, speed and features for your Android device. The post 5 Best VPNs for Android in 2026 appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/best-vpn-for-android/
-
âš¡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
This week, the shadows moved faster than the patches.While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems.The game has shifted from breach to occupation. They’re living inside SaaS sessions, pushing code with trusted commits, and…
-
Telegram Mini Apps Abused for Crypto Scams and Android Malware Delivery
What happened CTM360 researchers have uncovered a large-scale fraud operation using Telegram’s Mini App feature to run cryptocurrency scams, impersonate major brands, and distribute Android malware. The platform behind the operation, dubbed FEMITBOT based on a string found in API responses, uses Telegram bots and embedded Mini Apps to create convincing app-like experiences within the…The…
-
Botnet Hijacks ADB-Exposed Android Devices to Target Minecraft Servers
New research has uncovered a Mirai-derived botnet called xlabs_v1 that turns Android devices with exposed Android Debug Bridge (ADB) into a distributed attack platform for knocking Minecraft servers and other game hosts offline. By abusing TCP port 5555 on poorly secured Android-based hardware, the operators are quietly building a rentable DDoS-for-hire service aimed at the gaming ecosystem.…
-
Telegram Mini Apps abused for crypto scams, Android malware delivery
Cybersecurity researchers have uncovered a large-scale fraud operation that uses Telegram’s Mini App feature to run crypto scams, impersonate well-known brands, and distribute Android malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/telegram-mini-apps-abused-for-crypto-scams-android-malware-delivery/
-
Google Revamps Bug Bounty Programs: Android Rewards Rise, Chrome Payouts Drop in the Age of AI
Google revamps bug bounties: Android rewards rise to $1.5M, Chrome payouts drop, shifting focus to high-impact, AI-resistant vulnerabilities. Google has announced a major overhaul of its Vulnerability Reward Programs (VRP) for Android and Chrome, marking a strategic shift in how the company approaches cybersecurity. The update comes as artificial intelligence tools are reshaping the field…
-
Samsung’s Free Android Upgrade Brings Better Security to Galaxy Phones
Samsung’s One UI 8.5 update may bring stronger Galaxy security controls as users report battery drain and overheating after recent patches. The post Samsung’s Free Android Upgrade Brings Better Security to Galaxy Phones appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-samsung-one-ui-8-5-galaxy-security-battery-drain/
-
New Android Spyware Platform Enables Rebranding and Resale
A newly discovered Android spyware platform is raising concerns among cybersecurity researchers by introducing a business model that allows buyers to rebrand and resell surveillance malware as their own product. Buyers can subscribe to the service, customize branding, and launch their own spyware operation with minimal effort. KidsProtect presents itself as a parental monitoring app,…
-
New Android spyware Morpheus linked to Italian surveillance firm
Osservatorio Nessuno uncovered Morpheus spyware spreading via fake Android apps to steal data, highlighting rising covert surveillance tools. The non-partisan, non-religious, nonprofit organization Osservatorio Nessuno exposed a new spyware called Morpheus, distributed through fake Android apps posing as updates. Once installed, it can steal extensive data from the infected devices. The report shows strong demand…
-
Fake KYC Android Malware Spreads via WhatsApp to Hijack Bank Accounts
A new Android malware campaign is masquerading as a “Banking KYC” verification app and spreading via WhatsApp messages to target banking users in India. The malware is delivered as an APK shared over WhatsApp, posing as an urgent bank KYC or account verification update similar to previously reported Indian banking fraud campaigns. Victims are told…
-
Fake Document Reader App Hits 10K Downloads, Spreads Anatsa Malware
A newly discovered malicious Android application masquerading as a document reader was found on the Google Play Store, infecting users with the notorious Anatsa banking trojan. The app, which had already surpassed 10,000 downloads before its removal, highlights the ongoing threat of malware slipping through official app marketplaces. The malicious app was hosted on the…
-
Another spyware maker caught distributing fake Android snooping apps
Researchers have found a new case where government authorities used a fake Android app to plant spyware on a target’s phone. The company that allegedly developed the spyware was not previously known to sell this type of software. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/24/another-spyware-maker-caught-distributing-fake-android-snooping-apps/
-
A study of 1,000 Android apps finds a privacy policy logging gap
Android developers write log statements for the same reasons they always have: debugging crashes, tracing performance issues, and understanding how features behave in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/android-privacy-policy-logging-research/
-
A study of 1,000 Android apps finds a privacy policy logging gap
Android developers write log statements for the same reasons they always have: debugging crashes, tracing performance issues, and understanding how features behave in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/24/android-privacy-policy-logging-research/
-
Warnung vor neuen Android-Trojanern: 800 Apps betroffen
Zimperium identifiziert vier neue Android-Banking-Trojaner. Über 800 Finanz- und Krypto-Apps weltweit sind betroffen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/android-trojaner-800-apps-betroffen
-
Google’s Pixel Update Sparks ‘Severe’ Battery Drain Across Multiple Models
Google Pixel users are reporting severe battery drain after recent Android updates, with complaints spanning multiple models and no confirmed fix yet. The post Google’s Pixel Update Sparks ‘Severe’ Battery Drain Across Multiple Models appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-pixel-update-battery-drain-crisis/
-
Google brings instant email verification to Android, no OTP needed
Google has introduced cryptographically verified email credentials for Android through the Credential Manager API. This API aligns with the W3C Digital Credential API … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/23/android-verified-email-credentials-feature/
-
NFC tappay gets tapped by hackers
AI was likely used: ESET researchers also spotted something unusual in the malware’s internals. Some traces suggested generative AI may have played a role in its development.Specifically, the injected malicious code contains emoji markers in debug logs, something more commonly associated with AI-generated output than human-written malware. The researchers noted that this isn’t definitive proof…
-
Neue NGate-Malware missbraucht HandyPay-App für NFC-Betrug
Sicherheitsforscher von ESET warnen vor einer Weiterentwicklung der NGate-Malware. Hacker nutzen eine manipulierte Version der seriösen App ‘HandyPay”, um kontaktlose Bezahldaten und PINs direkt von Android-Smartphones abzugreifen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ngate-malware-nfc-betrug
-
Android 17 ends allnothing access to your contacts
Apps have been taking your whole contact list for years. Android 17 finally makes them ask for less. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/android-17-ends-all-or-nothing-access-to-your-contacts/
-
AI-Powered NGate Malware Evades Detection Inside NFC Payment Apps
A new NGate malware variant that hides inside a trojanized version of HandyPay, a legitimate NFC payment relay app for Android, to steal card data and PINs for ATM cash-outs and fraudulent payments. The injected code shows clear signs of being produced with generative AI, highlighting how low”‘skill actors can now weaponize NFC payment apps…
-
NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs
Cybersecurity researchers have discovered a new iteration of an Android malware family calledNGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate.”The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that appears to have been AI-generated,” ESET security researcher Lukáš…
-
NGate Android malware uses HandyPay NFC app to steal card data
A new variant of the NGate malware that steals NFC payment data is targeting Android users by hiding in a trojanized version of HandyPay, a legitimate mobile payments processing tool. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ngate-android-malware-uses-handypay-nfc-app-to-steal-card-data/