The PolySwarm Blog

Analyze suspicious files and URLs, at scale, millions of times per day. Get real-time threat intel from a crowdsourced network of security experts and antivirus companies competing to protect you.

Roaming Mantis Wroba.o Android Malware

Feb 3, 2023 1:20:46 PM / by The Hivemind posted in Threat Bulletin, Android, Shaoye, Xloader, Roaming Mantis, DNS, Wroba.o

0 Comments

Related Families: Wroba.o, Xloader

Executive Summary

Kaspersky SecureList recently reported on a Roaming Mantis campaign using Wroba.o with DNS hijacking to infect routers and Android devices.


Key Takeaways

Read More

Hook Android Banking Trojan

Jan 31, 2023 12:25:40 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, RAT, Trojan, Hook, Ermac, DukeEugene

0 Comments

Related Families: Ermac
Verticals Targeted:
Financial

Executive Summary

Threat Fabric recently reported on Hook, an Android banking trojan that is a fork of Ermac.

Read More

Godfather Android Banking Trojan

Jan 5, 2023 12:27:16 PM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Android, Trojan, Mobile, Godfather

0 Comments

Related Families: Anubis
Verticals Targeted: Financial

Read More

2022 Recap - Mobile Malware Threat Landscape

Dec 8, 2022 1:23:16 PM / by PolySwarm Tech Team posted in Threat Bulletin, Android, Malware, 2022 Recap, ios, Mobile

0 Comments

Verticals Targeted: Financial, Government, Journalism, Various

Executive Summary

This report is part of PolySwarm’s 2022 Recap series. This edition provides an overview of the 2022 mobile malware threat landscape.

Key Takeaways

  • The 2022 mobile malware threat landscape saw a 500% increase in malware distribution in early 2022, and mobile malware continued to be rampant throughout the year.
  • Some of the attack vectors used by threat actors to distribute mobile malware in 2022 include apps injected with malicious code, zero-click attacks, TOAD, and smashing.
  • Types of mobile malware that were prolific in 2022 include banking trojans, dropper apps, spyware, mobile ransomware, and subscriber trojans.
Read More

Phishing and Android Malware Campaign Targets Indian Banks

Nov 21, 2022 1:12:25 PM / by PolySwarm Tech Team posted in Threat Bulletin, Financial, India, Android, Phishing, Elibomi, FakeReward, AxBanker, IcRA, IcSpy

0 Comments

Related Families: Elibomi, FakeReward, AxBanker, IcRAT, IcSpy
Verticals Targeted: Financial

Executive Summary

Trend Micro recently reported on a phishing and Android malware campaign targeting clients of multiple banks in India. The campaign leverages multiple malware families, including Elibomi, FakeReward, AxBanker, IcRAT, and IcSpy.

Read More

Android Droppers on Google Play Store Distribute Banking Trojans

Nov 10, 2022 1:42:53 PM / by PolySwarm Tech Team posted in Threat Bulletin, Banking, Financial, Android, Trojan, Sharkbot, Brunhilda, Vultur

0 Comments

Verticals Targeted: Financial

Executive Summary

ThreatFabric recently reported on multiple Android droppers found on the Google Play Store distributing banking trojans.

Read More

RatMilad Android Spyware

Oct 17, 2022 11:17:37 AM / by PolySwarm Tech Team posted in Threat Bulletin, Android, Spyware, RatMilad

0 Comments

Executive Summary

Zimperium recently reported on RatMilad, spyware targeting Android devices.

Read More

Harly Android Trojan Subscriber

Oct 13, 2022 1:33:22 PM / by PolySwarm Tech Team posted in Threat Bulletin, Android, Harly, Subscriber, Trojan

0 Comments

Related Families: Jocker

Executive Summary

Kaspersky recently reported on Harly, a trojan subscriber targeting Android devices. Harly can subscribe a victim to a paid service without their knowledge or consent.


Key Takeaways

Read More

Subscribe to Email Updates

Lists by Topic

see all

Posts by Topic

See all

Recent Posts