android
NetNut proxy network disrupted, 2 million infected devices cut off
A joint operation involving Google has disrupted NetNut, a residential proxy network that gave access to millions of compromised Android devices, including smart TVs and streaming boxes. Also known as Popa, the NetNut botnet allowed cybercriminals and espionage groups to hide behind legitimate home internet addresses when launching attacks. According to the Google Threat Intelligence […]
Google loses final appeal to overturn €4.1 billion EU fine
Court of Justice of the European Union (CJEU) has dismissed Google’s final appeal against a €4.1 billion ($4.7 billion) antitrust fine over the company’s use of Android to promote its Chrome browser and search service. This is the conclusion of a European Commission decision in 2018 that Google abused its dominant market position by using Android agreements […]
New Rokarolla Android malware targets 217 banking, crypto apps
A new Android banking trojan named Rokarolla is targeting 217 banking and cryptocurrency applications using an extensive set of 137 commands. The malware is distributed via malicious websites purporting to provide the Google Chrome or TikTok app, and can take complete administrative control of a compromised device. Its capabilities include stealing lock screen credentials, contact […]
NFCShare Android malware spreads via fake banking app updates on GitHub
New variants of the NFCShare Android malware are being distributed as fake updates for legitimate banking apps hosted on GitHub. The malware has evolved and is now targeting customers of multiple banks and financial institutions across Europe in a phishing campaign aimed at stealing payment card data. After tricking victims with a fake verification screen […]
Google adds Android protection against AI deepfake scam calls
Google is introducing a new Android security feature that will detect and flag phone calls in which scammers use artificial intelligence to impersonate a user’s personal contacts. Called “fake call detection,” the feature is rolling out globally this month to Android 12 and later devices, starting with Pixel devices, and will be enabled by default. Once activated, it works […]
Google fixes one actively exploited Android zero-day, 124 flaws
Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. Local attackers can exploit the actively abused high-severity Android Framework vulnerability (tracked as CVE-2025-48595) to gain code execution and escalate privileges on devices running Android 14 or later. “There are indications that CVE-2025-48595 may […]
BTMOB Android malware service generates custom phishing payloads
An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware payloads tailored to phishing lures. The malware provides a wide set of features that includes stealing specific data, intercepting financial transactions, capturing screenshots, and remote control capabilities. Cybersecurity company ESET says that BTMOB is openly advertised on […]
Android 17 to expand banking scam call and privacy protections
Android 17, expected to roll out next month, will introduce several security and privacy features focused on device theft, threat detection, and banking scam calls. Google will be expanding protections against scammers spoofing caller IDs to impersonate financial institutions and trick users into transferring money or revealing account-related information. Android will work with banking apps to detect […]
TrickMo Android banker adopts TON blockchain for covert comms
A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy command-and-control communications. The TrickMo banker was first spotted in September 2019 and has remained in active development, constantly receiving updates since then. In October 2024, Zimperium analyzed 40 variants of the malware […]
Google now offers up to $1.5 million for some Android exploits
Google overhauls its Android and Chrome vulnerability rewards programs, offering bounties of up to $1.5 million for the most difficult exploits while scaling back payouts for flaws that artificial intelligence (AI) has made easier to find. The top reward of $1.5 million is reserved for zero-click Pixel Titan M2 security chip full-chain exploits with persistence, […]