Tag: android malware
15 articles

RedHook Android Malware Exploits Wireless ADB for Shell Access
Meet RedHook, a sneaky Android malware that's taking advantage of Wireless ADB and Accessibility features to gain shell-level control over your device - and it can be controlled remotely with 53 server-issued commands. This clever malware tricks victims into granting permissions, then takes control, making it a serious threat to your digital security.

NetNut Exposed in Massive Popa Botnet Operation
Meet Popa, a sneaky Android-based plugin that's been secretly infiltrating over 1.4 million internet addresses via unofficial streaming apps and set-top devices, researchers have uncovered. This stealthy operation is linked to the notorious Vo1d botnet family, which has been targeting vulnerable Android TV boxes.

Android Malware NFCShare Targets Europe Banks via GitHub Updates
Malicious actors are using GitHub to spread new variants of the NFCShare Android malware, disguising them as banking app updates to target customers of European banks. Victims are first lured into downloading the malware through phishing sites that mimic real banks, where they're prompted to install a fake update.

ESET Exposes BTMOB Android Malware Service
Meet BTMOB, a sneaky Android malware that's being sold as a subscription service - think $700/month or a one-time $5,000 fee for a lifetime license - making it easy for anyone to become a cyber threat actor. This malware-as-a-service platform even comes with a user-friendly APK builder, requiring zero coding skills.

Android Malware Campaign Silently Invoices Users via Fake Apps
Malware hidden in nearly 250 fake Android apps has been silently invoicing users for premium services, with victims largely unaware of the charges. The sneaky campaign, dubbed Premium Deception, targeted subscribers in several countries, including Malaysia, Thailand, Romania, and Croatia, over a 10-month period.

Malicious Android Apps Fuel 659M Daily Ad Fraud Bid Requests
Meet Trapdoor, a massive ad fraud scam driven by 455 malicious Android apps that generated a whopping 659 million daily bid requests at its peak, all while hiding in plain sight as harmless utilities like PDF viewers and file managers. These fake apps tricked users into installing malware, unleashing a hidden ad fraud operation controlled by 183 threat actor-owned domains.

Mobile Malware Attacks Drop, Banking Trojans Surge.
Mobile malware attacks may be on the decline, but banking Trojans are surging, with over 162,000 malicious packages detected in Q1 2026, putting your financial security at risk. Kaspersky's Q1 2026 report reveals a concerning shift in mobile threats, with 306,070 Android malware samples and 439 mobile ransomware Trojans also discovered.

TrickMo Trojan Adopts TON Blockchain for Evasive C2 Routing
A new variant of the TrickMo Trojan, tracked as TrickMo C, has emerged, cleverly using The Open Network (TON) blockchain to disguise its command-and-control traffic, making it even harder to detect. This sneaky malware targets banking and wallet users in France, Italy, and Austria through convincing TikTok-themed lures on Facebook ads.

TrickMo Malware Adopts TON Blockchain for Covert Command-and-Control
Meet Trickmo.C, a sneaky new variant of the TrickMo Android banker that's been hiding in plain sight as a TikTok or streaming app, targeting unsuspecting users in France, Italy, and Austria since January. This cunning malware has evolved to use the TON blockchain for covert command-and-control, making traditional domain takedowns a thing of the past.

North Korean Hackers Infiltrate Android Games to Spy on Defectors
Security researchers at Eset stumbled upon a sneaky plot by North Korean hackers, who infiltrated popular Android games to spy on defectors by hiding a backdoor called BirdCall in the apps. The malicious code was cleverly disguised in game files available for download on a regional gaming platform's official website.

Telegram Abused for Crypto Scams and Android Malware Delivery
Researchers uncovered a massive scam operation, dubbed FEMITBOT, that uses Telegram's Mini Apps to spread fake crypto platforms, brand impersonations, and Android malware, with a single API string tying it all together. Victims are lured in with a convincing, app-like interface that tricks them into divulging sensitive info.

NGate Malware Targets Brazil, Trojanizes HandyPay for NFC Data Theft
Security researchers have uncovered a sneaky new Android malware, NGate, that has been hiding in plain sight by infecting a legitimate app called HandyPay, used for NFC data relay, and using AI-generated code to steal payment credentials. This cleverly crafted malware has set its sights on Brazil, putting unsuspecting users at risk of NFC data theft.

Malware Exploits APK Flaws to Evade Android Static Analysis
Malware developers have found a sneaky trick to evade detection on Android devices, exploiting APK flaws to hide their malicious code from static analysis - and over 3,000 malware samples have already adopted this tactic. This widespread technique allows malware to fly under the radar, posing a significant threat to Android users.

Mirax RAT Exploits Meta Apps to Infiltrate Android Devices
Beware of fake ads on Meta apps - a sneaky new malware called Mirax RAT is using them to secretly take control of Android devices, with a focus on Spanish-speaking nations. This remote access Trojan is part of a growing Malware-as-a-Service economy that's putting unsuspecting users at risk.

Mirax RAT Exploits Meta Ads to Hijack 220,000 Devices
Meet Mirax RAT, a sneaky Android malware that's hijacked over 220,000 devices by exploiting Meta Ads, giving strangers full control over unsuspecting users' phones. This malicious code has rapidly spread to hundreds of thousands of social accounts, showcasing the alarming power of mainstream ad platforms in the wrong hands.