Tag: android
-
PromptSpy is the first known Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google’s Gemini model to adapt its persistence across different devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/promptspy-is-the-first-known-android-malware-to-use-generative-ai-at-runtime/
-
PromptSpy is the first known Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google’s Gemini model to adapt its persistence across different devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/promptspy-is-the-first-known-android-malware-to-use-generative-ai-at-runtime/
-
PromptSpy is the first Android malware to use generative AI at runtime
Researchers have discovered the first known Android malware to use generative AI in its execution flow, using Google’s Gemini model to adapt its persistence across different devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/promptspy-is-the-first-android-malware-to-use-generative-ai-at-runtime/
-
Google blocked over 1.75 million Play Store app submissions in 2025
Google says that through 2025, it blocked more than 255,000 Android apps from obtaining excessive access to sensitive user data and rejected over 1.75 million apps from being published on Google Play due to policy violations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-blocked-over-175-million-play-store-app-submissions-in-2025/
-
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google’s generative artificial intelligence (AI) chatbot, as part of its execution flow and achieves persistence.The malware has been codenamed PromptSpy by ESET. The malware is equipped to capture lockscreen data, block uninstallation efforts, gather device information, take screenshots, First seen…
-
PromptSpy Android malware may exploit Gemini AI
A newly-uncovered malware targeting the Android operating system seems to exploit Google’s Gemini GenAI tool to help it maintain persistence. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639201/PromptSpy-Android-malware-may-exploit-Gemini-AI
-
Android malware taps Gemini to navigate infected devices
The real deal or another research project overblown? First seen on theregister.com Jump to article: www.theregister.com/2026/02/19/genai_malware_android/
-
Android malware taps Gemini to navigate infected devices
The real deal or another research project overblown? First seen on theregister.com Jump to article: www.theregister.com/2026/02/19/genai_malware_android/
-
PromptSpy: First Android malware to use generative AI in its execution flow
ESET researchers have discovered PromptSpy, the first known Android malware to abuse generative AI as part of its execution flow in order to achieve persistence. This marks … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/19/promptspy-android-malware-generative-ai/
-
Citizen Lab Finds Evidence of Mobile Data Extraction from Detained Kenyan Activist
Citizen Lab says it found forensic evidence that Cellebrite’s mobile extraction technology was used on a Samsung Android phone belonging to detained Kenyan activist and politician Boniface Mwangi while the device was in police custody in July 2025. The group warns the case highlights how high-powered forensic tools can be used to access sensitive personal…
-
Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users
Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that’s designed to facilitate device takeover (DTO) attacks for financial theft.The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity is primarily singling out users looking for the online TV applications.”This new threat, while First…
-
Massiv Attack: Android Trojan Targets IPTV Users
New Trojan May Soon Be Offered for Sale to Criminal Underground. Security researchers warn of Massiv, an Android Trojan – disguised as an IPTV app – targeting users who sideload streaming apps. The malware enables screen capture, overlays and credential theft – and may soon be marketed on criminal underground forums as malware as a…
-
New ‘Massiv’ Android banking malware poses as an IPTV app
A newly identified Android banking trojan named Massiv has been under active distribution across south Europe, disguised as an IPTV app. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-massiv-android-banking-malware-poses-as-an-iptv-app/
-
New backdoor found in Android tablets targeting users in Russia, Germany and Japan
In a report released this week, Russian cybersecurity firm Kaspersky said it uncovered a previously undocumented backdoor dubbed Keenadu that is built directly into a device’s core software, allowing it to load into every application launched on the tablet. First seen on therecord.media Jump to article: therecord.media/new-backdoor-found-in-android-russia-japan-brazil
-
Keenadu: Android malware that comes preinstalled and can’t be removed by users
Embedded in core system apps: Keenadu can control legitimate system applications on affected devices. Kaspersky observed it inside critical components such as face unlock applications, raising the possibility that attackers could access biometric data. The malware was also found operating within the home screen app that controls the device’s primary interface.The researchers warned that the…
-
Gefährliche Backdoor: Android-Malware in Firmware und auf Google Play entdeckt
Die Keenadu-Malware verschafft Angreifern die volle Kontrolle über Android-Geräte. Eine Entfernung gestaltet sich je nach Infektionsweg schwierig. First seen on golem.de Jump to article: www.golem.de/news/gefaehrliche-backdoor-android-malware-in-firmware-und-auf-google-play-entdeckt-2602-205544.html
-
Keenadu backdoor found preinstalled on Android devices, powers Ad fraud campaign
Kaspersky uncovered Keenadu, an Android backdoor used for ad fraud that can even take full control of devices. Kaspersky has identified a new Android malware called Keenadu. It can be preinstalled in device firmware, hidden inside system apps, or even distributed via official stores like Google Play. Currently used for ad fraud by turning infected…
-
Supply Chain Attack Embeds Malware in Android Devices
Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/supply-chain-attack-embeds-malware-android-devices
-
Supply Chain Attack Embeds Malware in Android Devices
Keenadu downloads payloads that hijack browser searches, commit ad fraud, and execute other actions without user knowledge. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/supply-chain-attack-embeds-malware-android-devices
-
Keenadu Firmware Backdoor Infects Android Tablets via Signed OTA Updates
A new Android backdoor that’s embedded deep into the device firmware can silently harvest data and remotely control its behavior, according to new findings from Kaspersky.The Russian cybersecurity vendor said it discovered the backdoor, dubbed Keenadu, in the firmware of devices associated with various brands, including Alldocube, with the compromise occurring during the firmware build…
-
Android 17 Beta Introduces Secure-By-Default Architecture
Android 17 Beta introduces privacy, security updates and a new Canary channel for improved development First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/android-17-beta-secure-default/
-
New Keenadu backdoor found in Android firmware, Google Play apps
A newly discovered and sophisticated Android malware called Keenadu has been found embedded in firmware from multiple device brands, enabling it to compromise all installed applications and gain unrestricted control over infected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-keenadu-backdoor-found-in-android-firmware-google-play-apps/
-
New Keenadu backdoor found in Android firmware, Google Play apps
A newly discovered and sophisticated Android malware called Keenadu has been found embedded in firmware from multiple device brands, enabling it to compromise all installed applications and gain unrestricted control over infected devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-keenadu-backdoor-found-in-android-firmware-google-play-apps/
-
Murena: Volla Tablet mit Google-freiem /e/OS erhältlich
Nach Ubuntu Touch und Volla OS kann nun auch das Android-ROM /e/OS ohne Google-Dienste auf dem Volla-Tablet installiert werden. First seen on golem.de Jump to article: www.golem.de/news/murena-volla-tablet-mit-google-freiem-e-os-erhaeltlich-2602-205501.html
-
Firmware-level Android backdoor found on tablets from multiple manufacturers
A new Android backdoor embedded directly in device firmware can quietly take control of apps and harvest data, Kaspersky researchers found. The malware, named Keenadu, was … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/17/firmware-level-android-backdoor-keenadu-tablets/
-
Fake ‘Antivirus’ App Spreads Android Malware, Steals Banking Credentials
A fake Android antivirus app called TrustBastion is spreading malware and stealing banking credentials. Here’s how it works and how to stay protected. The post Fake ‘Antivirus’ App Spreads Android Malware, Steals Banking Credentials appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-fake-android-antivirus-trustbastion-malware/
-
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that’s being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices.”The developer runs dedicated channels for sales, customer support, and regular updates, giving buyers a single point of access to a fully…
-
Android 17 beta brings privacy, security, and performance changes
Google has released the first beta of Android 17, giving developers an early view of changes to core app behavior, platform tooling, performance, media handling, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/16/android-17-beta-changes-privacy-security/
-
ZeroDayRAT Exploit Targets Android iOS, Enabling Real-Time Surveillance and Massive Data Theft
A newly surfaced mobile spyware platform called ZeroDayRAT is rapidly gaining traction across underground Telegram channels. ZeroDayRAT is designed to give attackers complete remote control over both Android and iOS devices, supporting versions from Android 5 through 16 and iOS up to version 26, including the latest iPhone 17 Pro. The panel interface allows the operator to manage multiple infected devices worldwide as…