Tag: Android

March 30, 2023

A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming […]

February 7, 2023

A new Android banking Trojan called PixPirate is targeting more than 100 million Brazilian Pix instant payment accounts. The Pix payment platform was created and is operated by the Brazil Central Bank, and it’s used to make instant mobile payments […]

January 23, 2023

An improved Android banking Trojan dubbed Hook by security researchers is capable of taking remote control of mobile device, contributing to the growing overlap between surveillance malware and financial fraud. The Trojan, which analysis by Danish cybersecurity firm ThreatFabric characterizes […]

January 19, 2023

The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new capabilities to access files stored in the devices and create a remote interactive session. ThreatFabric, in a […]

January 17, 2023

CloudSEK launched the BeVigil app to provide users with detailed information about the security and privacy practices of their mobile apps. With the BeVigil App, users can search for apps by name and view detailed information about the app’s security […]

January 5, 2023

Financial institutions are being targeted by a new version of Android malware called SpyNote at least since October 2022. “The reason behind this increase is that the developer of the spyware, who was previously selling it to other actors, made […]

December 28, 2022

A new malware variant has been detected that is capable of listening to a users’ calls, recognizing a callers’ gender and identity, and even recognizing, to some degree, what’s being said. Fortunately, the good news is that the malware is […]

December 15, 2022

A previously undocumented Android malware campaign has been observed leveraging money-lending apps to blackmail victims into paying up with personal information stolen from their devices. Mobile security company Zimperium dubbed the activity MoneyMonger, pointing out the use of the cross-platform […]

December 1, 2022

More than 300,000 users across 71 countries have been victimized by a new Android threat campaign called the Schoolyard Bully Trojan. Mainly designed to steal Facebook credentials, the malware is camouflaged as legitimate education-themed applications to lure unsuspecting users into […]

November 30, 2022

A malicious Android SMS application found on the Google Play Store has been found to stealthily harvest text messages with the goal of creating accounts on a wide range of platforms like Facebook, Google, and WhatsApp. The app, named Symoo […]

November 28, 2022

An advanced persistent threat (APT) actor focused on cyberespionage, Bahamut was initially detailed in 2017, but continues to be active, leveraging a fake online empire of social media personas, websites, and applications, which has allowed it to fly under the […]

November 8, 2022

The first part of the update, the ‘2022-11-01 patch level’, includes fixes for 17 security defects, 12 of which could lead to escalation of privilege (EoP), three to denial of service (DoS), and two leading to information disclosure. All of […]

November 8, 2022

Android users are often advised to get mobile apps from Google Play, the company’s official app marketplace, to minimize the possibility of downloading malware. After all, Google analyzes apps before allowing them on the market. Unfortunately, time after time, we […]

November 2, 2022

A previously undocumented Android spyware campaign has been found striking Persian-speaking individuals by masquerading as a seemingly harmless VPN application. Russian cybersecurity firm Kaspersky is tracking the campaign under the moniker SandStrike. It has not been attributed to any particular […]

October 10, 2022

Tracked as CVE-2022-20419 and described as an information disclosure bug, the critical flaw has been resolved with the ‘2022-10-01 security patch level’, along with five other vulnerabilities in Framework that could lead to elevation of privilege, information disclosure and denial […]

October 5, 2022

A novel Android malware called RatMilad has been observed targeting a Middle Eastern enterprise mobile device by concealing itself as a VPN and phone number spoofing app. The mobile trojan functions as advanced spyware with capabilities that receives and executes […]

September 12, 2022

The Pixel components impacted by the two critical bugs are Trusty and kernel. Tracked as CVE-2022-20231 and CVE-2022-20364, both issues could lead to escalation of privileges, Google explains. Three medium-severity vulnerabilities addressed with the latest Pixel security updates impact kernel […]

September 6, 2022

A previously undocumented strain of Android spyware with extensive information gathering capabilities has been found disguised as a book likely designed to target the Uyghur community in China. The malware comes under the guise of a book titled “The China […]

September 1, 2022

Microsoft has released a detailed rundown of an issue, now fixed, which was potentially dangerous for users of TikTok. The problem, flagged as a “high-severity vulnerability” by Microsoft, required several steps chained together in order to function. Attackers making use […]

August 31, 2022

A high-severity flaw in the Android version of the TikTok app — which has been installed more than 1.5 billion times so far via the Google Play Store — could allow threat actors to hijack a user’s account with a […]