McAfee

Stealth Android Backdoor Xamalicious Found Actively Infecting Devices

The Xamalicious backdoor, implemented with Xamarin, targets Android devices by gaining accessibility privileges and communicating with a C2 server to download a second-stage payload, potentially enabling fraudulent actions without user consent.

Indian Banking Customers Targeted by Phishing Campaign Distributing Trojan as Fake Verification Tool

The trojan is distributed through WhatsApp messages, prompting users to download an APK for a mandatory verification procedure. Once installed, it collects personal and financial information and intercepts SMS messages to steal verification codes.

PDF Phishing: Beyond the Bait

Phishing attackers are increasingly using PDF documents to conduct successful campaigns by exploiting the trustworthiness of the file format and leveraging social engineering tactics.

Unmasking New AsyncRAT Infection Chain

AsyncRAT is being distributed through a malicious HTML file and uses various file types like PowerShell, WSF, and VBScript to bypass detection. The infection chain begins with a spam email containing a malicious URL to download the HTML file.

Peeling Back the Layers of RemcosRAT Malware

The Remcos RAT utilizes complex obfuscation techniques to evade detection and deliver a sophisticated remote access payload. It has multiple stages of execution, including VBS and PowerShell scripts, to download and execute the final payload.

Android SpyNote Attacks Electric and Water Public Utility Users in Japan

A smishing campaign is targeting Japanese Android users by posing as a power and water infrastructure company and luring victims to a phishing website to download the SpyNote malware.

GULoader Campaigns: A Deep Dive Analysis of a highly evasive Shellcode-based loader

In recent GULoader campaigns, researchers witnessed a rise in NSIS-based installers delivered via email as malspam that use plugin libraries to execute the GU shellcode on the victim system.

HiddenAds Spread via Android Gaming Apps on Google Play Store

These HiddenAds applications, discovered on the Google Play Store and installed by at least 35 million users worldwide, have been found to stealthily send packets in bulk for advertising revenue.

Fakecalls Android Malware Abuses Legitimate Signing Key to Sign Malicious Apps

This threat was disclosed last year to the company that owns the legitimate key, and the company has taken precautions. The company confirmed that it has replaced the signing key and that all its apps are currently signed with a new signing key.

Privacy-invasive and Clicker Android Adware found in popular apps in South Korea

Some apps were removed from Google Play while others were updated by the official developers. Users are encouraged to update the apps to the latest version to remove the identified threat from their devices.
