SecureList

MARCH 1, 2021

In 2020, Kaspersky mobile products and technologies detected: 5,683,694 malicious installation packages, 156,710 new mobile banking Trojans, 20,708 new mobile ransomware Trojans. Pandemic theme in mobile threats. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq The year in figures. Trends of the year.

Mobile 145

Mobile Malware Adware Banking 145

Security Affairs

MARCH 29, 2025

“This report explores the features of Crocodilus, its links to known threat actors, and how it lures victims into helping the malware steal their own credentials.” ” The new threat mimics modern banking malware, using overlay attacks, keylogging, and remote access. ” ThreatFabric concludes.

Banking 70

Banking Mobile Identity Theft Malware 70

Malwarebytes

APRIL 24, 2025

Then you’re like millions of other users now at risk from a new form of cybercrime – malware that can read your credit or debit card and hand its data over to an attacker. The malware, which cybersecurity company Cleafy calls SuperCard X, uses a feature now found in most Android phones: near-field communication (NFC).

Malware 94

Malware Banking Software Social Engineering 94

SecureList

FEBRUARY 26, 2024

million malware, adware, and riskware attacks. The most common threat to mobile devices was adware: 40.8% million malicious installation packages, 154,000 of these containing a mobile banking Trojan. The Trojan-SMS-type malware saw its activity decrease significantly, dropping six positions from 2022. 14.82 -1.81

Mobile 137

Mobile Malware Adware Banking 137

The Last Watchdog

AUGUST 19, 2021

At the start of this week, word got out that hackers claimed to have seized personal data for as many as 100 million T-Mobile patrons. This stolen booty reportedly included social security numbers, phone numbers, names, home addresses, unique IMEI numbers, and driver’s license information. This was not a sophisticated attack.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 332

Hacking Social Engineering Phishing Scams 332

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals are shifting their focus from emails to text messages, using mishing a more deceptive form of phishing to target mobile users and infiltrate corporate networks, according to new security research by Zimperium. Zimperium found that mishing activity peaked in August 2024, with over 1,000 daily attacks recorded. What is mishing?

Phishing 82

Phishing Mobile Social Engineering Data breaches 82

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media. Some apps were suspended by Google from Google Play while others were updated by the developers.

Social Engineering 132

Social Engineering Media Mobile Scams 132

The Hacker News

DECEMBER 2, 2024

Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs.

Social Engineering 133

Social Engineering Malware Mobile Engineering 133

SecureWorld News

DECEMBER 10, 2024

Zimperium's zLabs team has uncovered a dangerous new variant of the Antidot banking trojan, dubbed AppLite, that is targeting Android devices through sophisticated mobile phishing (mishing) campaigns. Corporate Exploitation: Poses risks to companies by stealing credentials from employee devices used for remote work.

Mobile 109

Mobile Social Engineering Banking Phishing 109

The Last Watchdog

JUNE 13, 2018

The most profound threat to corporate networks isn’t the latest, greatest malware. With our affiliations and preferences put in play by search engines and social media, we’re perfect patsies for social engineering. Related article: Is your mobile device spying on you? It’s carbon-based life forms.

Mobile 182

Mobile Banking IoT Social Engineering 182

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. of all mobile banker attacks.

Phishing 77

Phishing Banking Scams Mobile 77

Heimadal Security

OCTOBER 13, 2022

New research conducted by a Dutch mobile security company recently discovered a network of phishing websites targeting Italian online-banking users to get a hold of their credentials. The post New Android Banking Malware Deployed Using Vishing appeared first on Heimdal Security Blog. How […].

Banking 124

Banking Malware Social Engineering Mobile 124

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile 136

Mobile Data breaches Telecommunications Identity Theft 136

Security Affairs

DECEMBER 12, 2024

These are the first known mobile malware families linked to the Russian APT. The two malware families can collect data such as SMS messages, call logs, phone call audio, photos from device cameras, device location, and contact lists. These findings tie the mobile surveillance families to Gamaredons desktop campaigns.

Mobile 100

Mobile Malware Surveillance Social Engineering 100

Hot for Security

JUNE 15, 2021

Our mobile devices are not just a means to communicate with others. Mobile security is often overlooked by many technology users, who dismiss the reality of security risks brought by careless interactions with the digital world. Threat actors know that users often behave recklessly with their smart devices. Back up data.

Mobile 137

Mobile Banking Phishing Social Engineering 137

SecureList

DECEMBER 17, 2024

The attackers would then send what appeared to be the photo itself but was actually a malware installer. In reality, this was malware with no parcel-tracking functionality whatsoever. Our security products detect the malware spreading via this scam as Trojan-Banker.AndroidOS.Mamont. Indicators of compromise C2 server apisys003[.]com

Scams 96

Scams Malware Banking Social Engineering 96

Security Affairs

AUGUST 23, 2024

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs).

Phishing 135

Phishing Mobile Banking Social Engineering 135

The Hacker News

JULY 1, 2024

The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest.

Spyware 130

Spyware Social Engineering Mobile Engineering 130

The Hacker News

DECEMBER 1, 2023

Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian countries like Indonesia, Thailand, and Vietnam since early September 2023.

Banking 103

Banking Malware Social Engineering Mobile 103

Krebs on Security

APRIL 6, 2022

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. Most targeted employees are working from home or can be reached on a mobile device.

Social Engineering 293

Social Engineering Phishing Accountability Engineering 293

SecureWorld News

JUNE 29, 2023

In today's interconnected world, mobile devices have become an integral part of our lives, enabling seamless communication, productivity, and access to sensitive information. However, as reliance on mobile technology grows, so does the risk of cyber threats targeting these devices.

Mobile 98

Mobile IoT Social Engineering Phishing 98

The Hacker News

NOVEMBER 20, 2023

Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data.

Social Engineering 133

Social Engineering Banking Government Mobile 133

Security Affairs

DECEMBER 27, 2023

Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. McAfee Mobile Research Team discovered a new Android backdoor dubbed Xamalicious that can take full control of the device and perform fraudulent actions. ” reads the report published by McAfee.

Malware 133

Malware Encryption Social Engineering Marketing 133

Daniel Miessler

MAY 19, 2021

Top three patterns in breaches were: social engineering, basic web application attacks, and system intrusion. Top three patterns in incidents were: denial of service, basic web application attacks, and social engineering. Top three for middle: malware, hacking, social. 61% of breaches involved credentials.

Data breaches 192

Data breaches Social Engineering Ransomware Phishing 192

Security Affairs

NOVEMBER 15, 2021

The malware has been active at least since late October 2021, it targeting the mobile users of banks in Italy, the UK, and the US. The trojan allows to hijack users’ mobile devices and steal funds from online banking and cryptocurrency accounts. The name comes after one of the domains used for its command and control servers.

Banking 144

Banking Mobile Social Engineering Malware 144

SecureList

JANUARY 30, 2025

Introduction Since mid-2024, we’ve observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app (APK), which we have named “Tria Stealer” after unique strings found in campaign samples. Contact me at ‘[link].

Accountability 100

Accountability Malware Banking Phishing 100

Security Affairs

NOVEMBER 10, 2021

Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated android spyware dubbed PhoneSpy. The malware already hit more than a thousand South Korean victims. The malware also allows an attacker to remotely control the infected mobile devices.

Spyware 145

Spyware Mobile Social Engineering Surveillance 145

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. In early July 2018, Ferri was traveling in Europe when he discovered his T-Mobile phone no longer had service.

Mobile 275

Mobile Cryptocurrency Accountability Passwords 275

Security Affairs

SEPTEMBER 24, 2024

The new malware has already targeted users in European countries, including Italy, Poland, Moldova, and Hungary. Octo2 is linked to the Exobot malware, first identified in 2016, which also gave rise to another variant called Coper in 2021. This leak likely prompted the original threat actor’s release of a new version, Octo2.

Banking 129

Banking Mobile Malware Social Engineering 129

Security Boulevard

JANUARY 24, 2025

A malicious generative AI chatbot dubbed "GhostGPT" is being advertised to cybercriminals on underground forums as a tool for more quickly and efficiently creating malware, running BEC attacks, and other nefarious activities, lowering the barrier for less-skilled hackers to launch attacks.

Advertising 129

Advertising Malware Social Engineering Security Awareness 129

Security Boulevard

DECEMBER 1, 2021

The Finnish National Cyber Security Centre (NCSC-FI) has issued a warning to citizens about the current version of the FluBot malware campaign which is affecting “tens of thousands of people in Finland.” The malware campaign leverages SMS by sending out numerous text messages, according to NCSC-FI.

Malware 145

Malware Social Engineering Engineering Mobile 145

SecureList

NOVEMBER 29, 2024

Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Targeted attacks New APT threat actor targets Russian government entities In May 2024, we discovered a new APT targeting Russian government organizations. The malware, which received commands via the Dropbox cloud service, was used to download additional payloads.

Energy and Utilities 104

Energy and Utilities Ransomware Malware Government 104

The Last Watchdog

APRIL 28, 2020

That, of course, presents the perfect environment for cybercrime that pivots off social engineering. Social engineering invariably is the first step in cyber attacks ranging from phishing and ransomware to business email compromise ( BEC ) scams and advanced persistent threat ( APT ) hacks.

Social Engineering 174

Social Engineering Cyber Attacks Scams Phishing 174

Security Affairs

FEBRUARY 8, 2024

Email Threats: More than 75% of targeted attacks start with an email, delivering 94% of malware. Generative AI Impact : Generative AI will have a big role in cyber security, especially in areas like email protection and fighting social engineering attacks. Cyber Skills Gap: By 2025, there could be 3.5

Social Engineering 143

Social Engineering Cyber Attacks Cyber Insurance IoT 143

Security Boulevard

JUNE 28, 2024

The post Temu is Malware — It Sells Your Info, Accuses Ark. Chinese fast-fashion-cum-junk retailer “is a data-theft business.” AG appeared first on Security Boulevard.

Malware 137

Malware Retail Social Engineering Data privacy 137

Security Affairs

APRIL 8, 2022

The threat actors use sophisticated social engineering techniques to infect Windows and Android devices of the victims with previously undocumented backdoors. The new malware employed by the threat actors are tracked as Barb(ie) Downloader and BarbWire Backdoor. ” reads the analysis published by Cybereason.

Social Engineering 129

Social Engineering Engineering Malware Accountability 129