android
Android 17 to expand banking scam call and privacy protections
Android 17, expected to roll out next month, will introduce several security and privacy features focused on device theft, threat detection, and banking scam calls. Google will be expanding protections against scammers spoofing caller IDs to impersonate financial institutions and trick users into transferring money or revealing account-related information. Android will work with banking apps to detect […]
TrickMo Android banker adopts TON blockchain for covert comms
A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy command-and-control communications. The TrickMo banker was first spotted in September 2019 and has remained in active development, constantly receiving updates since then. In October 2024, Zimperium analyzed 40 variants of the malware […]
Google now offers up to $1.5 million for some Android exploits
Google overhauls its Android and Chrome vulnerability rewards programs, offering bounties of up to $1.5 million for the most difficult exploits while scaling back payouts for flaws that artificial intelligence (AI) has made easier to find. The top reward of $1.5 million is reserved for zero-click Pixel Titan M2 security chip full-chain exploits with persistence, […]
ScarCruft hackers push BirdCall Android malware via game platform
The North Korean hacker group APT37 has been delivering an Android version of a backdoor called BirdCall in a supply-chain attack through a video game platform. While BirdCall is a known backdoor for Windows systems, APT37, also known as ScarCruft and Ricochet Chollima, has developed a variant for Android that doubles as spyware. According to […]
Telegram Mini Apps abused for crypto scams, Android malware delivery
Cybersecurity researchers have uncovered a large-scale fraud operation that uses Telegram’s Mini App feature to run crypto scams, impersonate well-known brands, and distribute Android malware. A new report by CTM360 says the platform, dubbed FEMITBOT, is based on a string found in API responses and uses Telegram bots and embedded Mini Apps to create convincing, […]
NGate Android malware uses HandyPay NFC app to steal card data
A new variant of the NGate malware that steals NFC payment data is targeting Android users by hiding in a trojanized version of HandyPay, a legitimate mobile payments processing tool. NGate was originally documented in mid-2024 and steals payment card information through the mobile device’s near-field communication (NFC) chip. The data is sent to the […]
‘NoVoice’ Android malware on Google Play infected 2.3 million devices
A new Android malware named NoVoice was found on Google Play, hidden in more than 50 apps that were downloaded at least 2.3 million times. The apps carrying the malicious payload included cleaners, image galleries, and games. They required no suspicious permissions and provided the promised functionality. After launching an infected app, the malware tried to […]
Google adds ‘Advanced Flow’ for safe APK sideloading on Android
Google has announced a new mechanism in Android called Advanced Flow, which will allow sideloading APKs from unverified developers for power users in a more secure manner. The new system, scheduled to roll out this August, aims to allow installing Android apps from unverified developers while minimizing the risk of malware infections and scams, which […]
New ‘Perseus’ Android malware checks user notes for secrets
A new Android malware called Perseus is checking user-curated notes to steal sensitive information, like passwords, recovery phrases, or financial data. Distributed over unofficial stores disguised as IPTV, Perseus allows complete device takeover, screenshot capturing , and overlay attacks. By posing as IPTV apps, which are often used to stream pirated content, the threat actor […]
New BeatBanker Android malware poses as Starlink app to hijack devices
A new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as the official Google Play Store. The malware combines banking trojan functions with Monero mining, and can steal credentials, as well as tamper with cryptocurrency transactions. Kaspersky researchers discovered BeatBanker in campaigns […]