Executive Summary
Two GREF espionage campaigns used trojanized Android apps to deliver BadBazaar spyware variants.
Sep 11, 2023 3:07:00 PM / by The Hivemind posted in Threat Bulletin, Espionage, Android, Mobile, BadBazaar, GREF
Aug 4, 2023 2:38:03 PM / by The Hivemind posted in Threat Bulletin, Android, Critical Infrastructure, Mobile, Energy, Utilities, SpyNote
Verticals Targeted: Utilities, Energy, Water, Critical Infrastructure
Jul 31, 2023 2:33:15 PM / by The Hivemind posted in Threat Bulletin, Android, Wicked Panda, Mobile, DragonEgg, WyrmSpy
Jul 3, 2023 12:37:11 PM / by The Hivemind posted in Threat Bulletin, Banking, Financial, Android, Trojan, Banking Trojan, Anatsa
Verticals Targeted: Financial
Related Families: AhMyth
Apr 28, 2023 2:51:23 PM / by The Hivemind posted in Threat Bulletin, Android, Mobile, Goldoson, Adware
Apr 4, 2023 3:28:28 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, Trojan, Botnet, Mobile, POISON, Nexus, Banker, SOVA
Related Families: SOVA
Verticals Targeted: Financial, Cryptocurrency
Feb 3, 2023 1:20:46 PM / by The Hivemind posted in Threat Bulletin, Android, Shaoye, Xloader, Roaming Mantis, DNS, Wroba.o
Related Families: Wroba.o, Xloader
Executive Summary
Kaspersky SecureList recently reported on a Roaming Mantis campaign using Wroba.o with DNS hijacking to infect routers and Android devices.
Key Takeaways