Verticals Targeted: Financial
Ajina Android Malware
Sep 23, 2024 2:03:45 PM / by The Hivemind posted in Threat Bulletin, Android, Banker, Ajina
Mandrake Android Spyware
Aug 5, 2024 2:46:26 PM / by The Hivemind posted in Threat Bulletin, Android, Spyware, Mandrake, APK
Executive Summary
A new version of Mandrake Android spyware was observed being distributed by multiple Android APKs on the Google Play store earlier this year.
New CapraRAT Activity
Jul 12, 2024 2:44:05 PM / by The Hivemind posted in Threat Bulletin, Espionage, Android, CapraRAT, Spyware, Mobile, Surveillance
Executive Summary
Pakistan-based threat actor group Mythic Leopard was recently observed using new CapraRAT samples to expand their targeting.
New Medusa Android Banking Trojan Variant Discovered
Jul 1, 2024 1:28:23 PM / by The Hivemind posted in Threat Bulletin, Banking, Financial, Android, Trojan, Mobile, Medusa, on-device fraud
Verticals Targeted: Financial
Executive Summary
A new variant of the Android banking trojan Medusa was recently discovered. This variant boasts a smaller footprint, needs fewer device permissions, and has full-screen overlay capabilities.
Cosmic Leopard Activity Targets Windows, MacOS, & Android
Jun 17, 2024 3:15:17 PM / by The Hivemind posted in Threat Bulletin, Android, Windows, MacOS, Cosmic Leopard, GravityRAT, Operation Celestial Force, HeavyLift, GravityAdmin
Related Families: GravityRAT, HeavyLift, GravityAdmin
Verticals Targeted: Defense, Government, Technology
Executive Summary
Cosmic Leopard was observed targeting Windows, MacOS, and Android devices in a series of ongoing campaigns dubbed Operation Celestial Force. The threat actors used GravityRAT and HeavyLift to target entities in India.
Brokewell Android Banking Trojan
May 6, 2024 2:48:46 PM / by The Hivemind posted in Threat Bulletin, Financial, Android, Trojan, Banker, Banking Trojan, Baron Samedit, Brokewell
Verticals Targeted: Financial
Executive Summary
Brokewell is a newly discovered Android banking trojan with Device Takeover capabilities. Despite being a newcomer to the threat landscape, Brokewell poses a significant threat to the banking industry.
Vultur Android Malware
Apr 5, 2024 1:49:09 PM / by The Hivemind posted in Threat Bulletin, Android, Brunhilda, Vultur, Mobile, Banker
Related Families: Brunhilda
Verticals Targeted: Financial
VajraSpy Android Spyware
Feb 20, 2024 12:02:15 PM / by The Hivemind posted in Threat Bulletin, APT, Android, Malware, Spyware, Mobile, VajraSpy