mobile
Malicious Android apps on Google Play downloaded 42 million times
Hundreds of malicious Android apps on Google Play were downloaded more than 40 million times between June 2024 and May 2025, notes a report from cloud security company Zscaler. During the same period, the company observed a 67% year-over-year growth in malware targeting mobile devices, with spyware and banking trojans being a prevalent risk. Telemetry data […]
Massive surge of NFC relay malware steals Europeans’ credit cards
Near-Field Communication (NFC) relay malware has grown massively popular in Eastern Europe, with researchers discovering over 760 malicious Android apps using the technique to steal people’s payment card information in the past few months. Contrary to the traditional banking trojans that use overlays to steal banking credentials or remote access tools to perform fraudulent transactions, […]
New Herodotus Android malware fakes human typing to avoid detection
A new Android malware family, Herodotus, uses random delay injection in its input routines to mimic human behavior on mobile devices and evade timing-based detection by security software. Herodotus, according to Threat Fabric, is offered as a malware-as-a-service (MaaS) to financially motivated cybercriminals, believed to be the same operators behind Brokewell. Although the malware is still […]
New Android spyware ClayRat imitates WhatsApp, TikTok, YouTube
A new Android spyware called ClayRat is luring potential victims by posing as popular apps and services like WhatsApp, Google Photos, TikTok, and YouTube. The malware is targeting Russian users through Telegram channels and malicious websites that appear legitimate. It can steal SMS meessages call logs, notifications, take pictures, and even make phone calls. Malware researchers […]
Android malware uses VNC to give attackers hands-on access
A new Android banking and remote access trojan (RAT) dubbed Klopatra disguised as an IPTV and VPN app has infected more than 3,000 devices across Europe. Klopatra is described as a powerful trojan that can monitor the screen in real time, capture input, simulate gesture navigation, and features a hidden Virtual Network Computing (VNC) mode. Researchers at […]
F-Droid project threatened by Google’s new dev registration rules
F-Droid is warning that the project could reach an end due to Google’s new requirements for all Android developers to verify their identity. The third-party app store argues that Google falsely frames this new requirement as a security measure against malware and the purpose is to tighten the grip on “a formerly open ecosystem.” F-Droid […]
Unpatched flaw in OnePlus phones lets rogue apps text messages
A vulnerability in multiple versions of OxygenOS, the Android-based operating system from OnePlus, allows any installed app to access SMS data and metadata without requiring permission or user interaction. OnePlus, a subsidiary of Oppo, is a Shenzhen-based consumer electronics maker known for developing high-end smartphones at competitive pricing. While other major Chinese brands like Huawei […]
Google fixes actively exploited Android flaws in September update
Google has released the September 2025 security update for Android devices, addressing a total of 84 vulnerabilities, including two actively exploited flaws. The two flaws that were detected as exploited in zero-day attacks are CVE-2025-38352, an elevation of privilege in the Android kernel, and CVE-2025-48543, also an elevation of privilege problem in the Android Runtime component. Google noted […]
Google to verify all Android devs to block malware on Google Play
Google is introducing a new defense for Android called ‘Developer Verification’ to block malware installations from sideloaded apps sourced from outside the official Google Play app store. For apps on Google Play, there was already a requirement for publishers to provide a D-U-N-S (Data Universal Numbering System) number, introduced on August 31, 2023. Google says this has had a notable […]
Malicious Android apps with 19M installs removed from Google Play
Seventy-seven malicious Android apps with more than 19 million installs were delivering multiple malware families to Google Play users. This malware infiltration was discovered by Zscaler’s ThreatLabs team while investigating a new infection wave with Anatsa (Tea Bot) banking trojan targeting Android devices. While most of the malicious apps (over 66%) included adware components, the most common Android […]