VajraSpy Android Spyware
Feb 20, 2024 12:02:15 PM / by The Hivemind posted in Threat Bulletin, APT, Android, Malware, Spyware, Mobile, VajraSpy
Xamalicious Android Backdoor
Jan 16, 2024 7:42:21 AM / by The Hivemind posted in Threat Bulletin, Android, Backdoor, Mobile, Xamalicious
Executive Summary
SecuriDropper Android Malware
Nov 17, 2023 1:27:39 PM / by The Hivemind posted in Threat Bulletin, Android, Mobile, Ermac, SpyNote, SecuriDropper, Dropper-as-a-service
Related Families: SpyNote, Ermac
Executive Summary
SecuriDropper is a widely distributed dropper-as-a-service that bypasses Android Restricted Settings.
BadBazaar Spyware Variants Delivered Via Trojanized Android Apps
Sep 11, 2023 3:07:00 PM / by The Hivemind posted in Threat Bulletin, Espionage, Android, Mobile, BadBazaar, GREF
Executive Summary
Two GREF espionage campaigns used trojanized Android apps to deliver BadBazaar spyware variants.
SpyNote Targets Utility Company Customers
Aug 4, 2023 2:38:03 PM / by The Hivemind posted in Threat Bulletin, Android, Critical Infrastructure, Mobile, Energy, Utilities, SpyNote
Verticals Targeted: Utilities, Energy, Water, Critical Infrastructure
Wicked Panda Using WyrmSpy and DragonEgg Android Spyware
Jul 31, 2023 2:33:15 PM / by The Hivemind posted in Threat Bulletin, Android, Wicked Panda, Mobile, DragonEgg, WyrmSpy
Executive Summary
Goldoson Android Adware
Apr 28, 2023 2:51:23 PM / by The Hivemind posted in Threat Bulletin, Android, Mobile, Goldoson, Adware
Executive Summary
Goldoson, a privacy-invasive and clicker adware, was recently discovered in several popular Android apps in South Korea. It generates revenue for the threat actors via fraudulent recursive visits to hidden ads on the infected device.
Nexus Android Banking Trojan
Apr 4, 2023 3:28:28 PM / by The Hivemind posted in Threat Bulletin, Banking, Android, Trojan, Botnet, Mobile, POISON, Nexus, Banker, SOVA
Related Families: SOVA
Verticals Targeted: Financial, Cryptocurrency