Verticals Targeted: Financial
Regions Targeted: US, Canada
Related Families: None
Anatsa Android Banking Trojan Targets US Banks
Jul 18, 2025 2:08:41 PM / by The Hivemind posted in Threat Bulletin, Banker, Banking Trojan, Anatsa, Android Malware, overlay attacks, Google Play Store, credential theft, North America, financial fraud, device takeover, mobile banking
SparkKitty Trojan Targets Mobile Users with Cross-Platform Espionage
Jul 8, 2025 12:50:14 PM / by The Hivemind posted in Threat Bulletin, Android Malware, Cryptocurrency Theft, SparkKitty, iOS malware, App Store, Southeast Asia, SparkCat, Trojan malware, photo exfiltration
Verticals Targeted: Cryptocurrency, Gambling, Adult Entertainment
Regions Targeted: Southeast Asia, China
Related Families: SparkCat
Executive Summary
SparkKitty, a Trojan targeting iOS and Android devices, spreads through official app stores and untrusted websites and steals images from device galleries, primarily aiming to capture cryptocurrency wallet seed phrases. Active since early 2024, it poses a significant threat to users in Southeast Asia and China.
Godfather Evolves With Advanced On-Device Virtualization Capabilities
Jun 30, 2025 1:56:44 PM / by The Hivemind posted in Threat Bulletin, Evolving Threat, Android Malware, Godfather Malware, Mobile Banking Trojan, on-device virtualization, cryptocurrency app attacks, accessibility service abuse, overlay attacks, mobile security threats, banking app hijacking
Verticals Targeted: Financial
Regions Targeted: Not specified
Related Families: None
Executive Summary
Industry researchers have identified an advanced evolution of the Godfather banking trojan, which employs on-device virtualization to hijack mobile banking and cryptocurrency applications on Android devices. This sophisticated technique allows attackers to monitor and control user interactions within a virtualized app environment, posing a significant threat to mobile security.
Crocodilus Evolves, Expands Targeting
Jun 20, 2025 12:01:52 PM / by The Hivemind posted in Threat Bulletin, Banking Trojan, Evolving Threat, Crocodilus, Android Malware, Cryptocurrency Theft, Phishing Campaign, Overlay Attack, Mobile Security, ThreatFabric
Verticals Targeted: Banking, E-commerce, Cryptocurrency
Regions Targeted: Turkey, Poland, Spain, Argentina, Brazil, India, Indonesia, United States
Related Families: None specified