Tag: malware as a service
17 articles

RedWing Spyware Targets Android Users via Telegram
Meet RedWing, a sneaky Android spyware that's being rented out as a service on Telegram, targeting unsuspecting users and institutions, with a staggering 82 organizations, mostly Russian financial firms, already in its sights. This malware-as-a-service operation is surprisingly polished, complete with a user-friendly interface, tutorial videos, and even a referral scheme to spread its reach.

RedWing Malware Targets Android Users with Bank Fraud as a Service
A new, ready-to-use bank-fraud tool called RedWing is being rented on Telegram, allowing even novice criminals to hijack Android users' phones and steal their banking information. This malicious kit is sold as a complete package, complete with step-by-step guides and how-to videos, making it alarmingly easy for scammers to get started.

QuimaRAT Exposes Cross-Platform Threat Capabilities
Meet QuimaRAT, a commercialized remote access trojan package that's being sold as a malware-as-a-service, threatening security across multiple platforms with its flexible subscription tiers. This Java-based tool is marketed for a surprisingly low price, ranging from $150 for a month to $1,200 for lifetime access.

SilabRAT Trojan Targets Crypto Wallets with Session Hijacking
Meet SilabRAT, a sneaky Trojan that's been sold as a malware-as-a-service on dark web forums since late 2025, allowing cybercrooks to hijack crypto wallet sessions and swipe funds. For just $5,000 a month, attackers can get their hands on this powerful tool and start targeting unsuspecting crypto wallet users.

Malware Campaigns Target Gamers, 86K Infected by CountLoader
A shocking 86,000 gamers have fallen victim to CountLoader, a sneaky malware campaign that's been targeting players since January 2026, and the masterminds behind it are making it easy for others to join the malicious party with their free, user-friendly malware service.

ESET Exposes BTMOB Android Malware Service
Meet BTMOB, a sneaky Android malware that's being sold as a subscription service - think $700/month or a one-time $5,000 fee for a lifetime license - making it easy for anyone to become a cyber threat actor. This malware-as-a-service platform even comes with a user-friendly APK builder, requiring zero coding skills.

Microsoft Disrupts Malware Signing Service Used by Ransomware Groups
Microsoft cracked down on a sophisticated malware signing service run by a group called Fox Tempest, which helped ransomware gangs disguise their malicious programs as legitimate software. This service was like a master forgery operation, creating counterfeit digital signatures that even experts struggled to spot.

Mirax RAT Exploits Meta Apps to Infiltrate Android Devices
Beware of fake ads on Meta apps - a sneaky new malware called Mirax RAT is using them to secretly take control of Android devices, with a focus on Spanish-speaking nations. This remote access Trojan is part of a growing Malware-as-a-Service economy that's putting unsuspecting users at risk.

Mirax Trojan Hijacks Android Devices for Proxy Network
Meet Mirax, a sneaky new Android banking trojan that's not only stealing credentials, but also hijacking devices to create a powerful proxy network - putting European users at risk. This emerging malware is a triple threat, combining a malware-as-a-service model, remote access capabilities, and residential proxies to wreak havoc on infected phones.

CrystalRAT Malware Emerges with Advanced RAT and Data Theft Capabilities
Meet CrystalRAT, a powerful malware-as-a-service that's being sold on Telegram, capable of giving outsiders remote control of your computer, stealing sensitive files, recording every keystroke, and even hijacking your clipboard. This malicious tool is a nightmare come true, and its emergence poses a serious threat to online security.

Venom Stealer Platform Automates Data Theft with ClickFix Tactics
Imagine a silent thief lurking in the shadows of your digital life, quietly siphoning off sensitive info - and now, cybercriminals can easily access this capability with Venom Stealer, a new malware-as-a-service tool that automates data theft with alarming ease. This menacing platform is poised to revolutionize cybercrime, making it simpler than ever for attackers to steal credentials, cookies, and cryptocurrency assets.

Jackpotting Surge: Stunning, Costly $20M Hit to Banks
An FBI alert reveals ATM jackpotting cost banks $20M in 2025—criminals are now turning cash machines into programmable paydays by exploiting unpatched systems, weak credentials, and supply‑chain gaps. It’s a wake‑up call that security isn’t just about tech—people and processes matter too.

New Android Albiriox Malware Exclusive: Dangerous Surge
Albiriox malware is being sold like a subscription, turning smartphones into turnkey crime tools that give even novice operators remote takeover, credential harvesting, and live‑fraud capabilities. That MaaS model lowers the bar for attackers and creates an industrialized path from infection to immediate theft that security teams and users now must reckon with.

Operation Endgame 3.0: Exclusive Critical Malware Takedown
Law enforcement’s multinational takedown that removed the Rhadamanthys infostealer, neutralized VenomRAT and dismantled the Elysium botnet is a major win for international cooperation — but as malware becomes an industrialized, modular business, experts warn this victory may only be a temporary setback for adaptable criminal networks.

Lumma Stealer Exclusive: Vidar 2.0 Fuels Dangerous Rise
The Lumma Stealer leak has supercharged Vidar 2.0, recycling stolen credentials and exposed code into a stealthier, cheaper toolkit for criminals. Trend Micro warns defenders to brace for rising Vidar 2.0 activity through Q4 2025.

Lumma Stealer Exclusive: Upgraded Vidar 2.0 Sparks Threat
A marketplace leak proves Vidar 2.0 (Vidar 20) is evolving into a commercially sold, regularly updated threat—Trend Micro warns it will surge through Q4 2025, so defenders must choose urgent action over complacency.

Lumma Stealer Vacuum Exclusive Dangerous Vidar 2.0 Upgrade
From the public doxxing of Lumma Stealer to the resurfacing of Vidar 2.0, the cybercrime scene is behaving more like a ruthless software market — and that escalation puts millions of credentials and finances at risk. Security teams take note: analysts expect a rise in sophisticated stealer activity through Q4 2025.