Mobile

Pierluigi Paganini May 19, 2023
Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. Infected devices were used for multiple malicious activities, including traffic redirections through mobile proxies, info-stealing, click fraud, and […]

Pierluigi Paganini May 18, 2023
Apple fixed three new actively exploited zero-day vulnerabilities

Apple released security updates to address three zero-day vulnerabilities in iPhones, Macs, and iPads that are actively exploited in attacks. Apple has addressed three new zero-day vulnerabilities that are actively exploited in attacks in the wild to hack into iPhones, Macs, and iPads. The three vulnerabilities, tracked as CVE-2023-32409, CVE-2023-28204, and CVE-2023-32373, reside in the […]

Pierluigi Paganini May 05, 2023
Fleckpe Android malware totaled +620K downloads via Google Play Store

Fleckpe is a new Android subscription Trojan that was discovered in the Google Play Store, totaling more than 620,000 downloads since 2022. Fleckpe is a new Android subscription Trojan that spreads via Google Play, the malware discovered by Kaspersky is hidden in photo editing apps, smartphone wallpaper packs, and other general-purpose apps. The malicious campaign […]

Pierluigi Paganini May 01, 2023
Google banned 173k developer accounts in 2022

In 2022, Google prevented 1.43 million policy-violating apps from being published in the official Google Play store. Google announced that it prevented 1.43 million policy-violating applications from being published on Google Play in 2022. The IT giant also announced it has banned 173k developer accounts and prevented over $2 billion in fraudulent and abusive transactions. Google […]

Pierluigi Paganini April 26, 2023
China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

China-linked threat actor tracked as Alloy Taurus is using a Linux variant of the PingPull backdoor and a new tool dubbed Sword2033. Researchers from Palo Alto Networks Unit 42 recently observed the China-linked Alloy Taurus group  (aka GALLIUM, Softcell) targeting Linux systems with a new variant of PingPull backdoor. While investigating the activity of the group, the […]

Pierluigi Paganini April 19, 2023
PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. In 2022, the Citizen Lab analyzed the NSO Group activity after finding […]

Pierluigi Paganini April 17, 2023
New QBot campaign delivered hijacking business correspondence

Kaspersky researchers warn of a new QBot campaign leveraging hijacked business emails to deliver malware. In early April, Kaspersky experts observed a surge in attacks that QBot malware attacks (aka Qakbot, QuackBot, and Pinkslipbot). QBot has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials, and other […]

Pierluigi Paganini April 15, 2023
New Android malicious library Goldoson found in 60 apps +100M downloads

A new Android malware named Goldoson was distributed through 60 legitimate apps on the official Google Play store. The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. The third-party library can perform ad fraud by clicking advertisements […]

Pierluigi Paganini April 15, 2023
CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog

US Cybersecurity and Infrastructure Security Agency (CISA) added Android and Novi Survey flaws to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following five new issues to its Known Exploited Vulnerabilities Catalog: Google addressed the vulnerability CVE-2023-20963 with the release of “The Android Security Bulletin—March 2023” security updates. The […]

Pierluigi Paganini April 13, 2023
A flaw in the Kyocera Android printing app can be abused to drop malware

Security experts warn that a Kyocera Android printing app is vulnerable to improper intent handling and can be abused to drop malware. An improper intent handling issue affecting the Kyocera Android printing app can allow malicious applications to drop malware. Such kinds of flaws expose a resource to the wrong control sphere, providing unintended actors with inappropriate […]