Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024. Researchers from Bitdefender discovered the high-sophisticated Android spyware Mandrake in 2022, while investigating highly targeted attacks against specific devices. The original Mandrake campaign had two major infection waves, in…

Malicious actors are targeting users of a mobile currency game by using fake Android and Windows software that installs spyware and other malware. Hamster Kombat launched in March and already has more than 250 million users, likely due to the promises of winning TON-based cryptocurrency. The game is for Android users, who can earn in-game…

The critical bug, tracked as CVE-2024-31320, impacts Android versions 12 and 12L and allows an attacker to escalate privileges on a vulnerable device. “The most severe of these issues is a critical security vulnerability in the Framework component that could lead to local escalation of privilege with no additional execution privileges needed,” Google explains in…

In November 2023, researchers from ThreatFabric observed a resurgence of the Anatsa banking Trojan, aka TeaBot and Toddler. Between November and February, the experts observed five distinct waves of attacks, each focusing on different regions. The malware previously focused its activities on the UK, Germany, and Spain, but the latest campaigns targeted Slovakia, Slovenia, and…

McAfee Mobile Research Team discovered a new Android backdoor dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows building Android and iOS apps with .NET and C#. Xamalicious relies on social engineering to gain accessibility privileges, then it…

Active since early 2023, the malware initially targeted mobile banking applications in Australia and Poland, but has since expanded its reach to the UK and Italy. When initially uncovered, ThreatFabric explains, Chameleon used multiple loggers, had limited malicious functionality, and contained various unused commands, suggesting that it was still under development. Employing a proxy feature…

Google released September 2023 Android security updates that address tens of vulnerabilities, including a zero-day flaw tracked as CVE-2023-35674 that was actively exploited in the wild. This high-severity vulnerability CVE-2023-35674 resides in the Framework component, a threat actor could exploit the issue to escalate privileges without requiring user interaction or additional execution privileges. “There are…

Hackers aligned with Chinese interests are targeting Android users with fake encrypted chat apps Trojanized with espionage capabilities in separate and ongoing campaigns, one active since July 2020 and the other for more than 12 months. Researchers at Eset on Wednesday attributed the campaigns to a threat group tracked as Gref, which overlaps with activity…

Why are so many fresh zero-day vulnerabilities getting exploited in the wild? A new study from Google says that last year, 41 new zero-day vulnerabilities were exploited in the wild. While that’s welcome news in terms of recent volume – it’s a 40% decrease from the all-time annual high of 69 in 2021 – it’s…

Attackers are increasingly targeting users through their mobile devices, attacking vulnerabilities in services that are built into applications and mounting increasing numbers of SMS phishing attacks. That’s according to mobile security firm Zimperium’s 2023 “Global Mobile Threat Report,” which also found that the average number of unique mobile malware samples grew 51% in 2022, totaling…