NetNut Exposed in Massive Popa Botnet Operation

Meet Popa, a sneaky Android-based plugin that's been secretly infiltrating over 1.4 million internet addresses via unofficial streaming apps and set-top devices, researchers have uncovered. This stealthy operation is linked to the notorious Vo1d botnet family, which has been targeting vulnerable Android TV boxes.

https://osintsights.com/netnut-exposed-in-massive-popa-botnet-operation?utm_source=mastodon&utm_medium=social

#AndroidMalware #BotnetOperations #EmergingThreats #IotSecurity #Vo1dBotnetFamily

"Rokarolla" adındaki yeni Android zararlısı, 217 farklı banka ve kripto uygulamasını hedef alıyor!

#android #Rokarolla #androidmalware #crypto

https://webrecord.media/rokarolla-adindaki-yeni-android-zararlisi-217-farkli-banka-ve-kripto-uygulamasini-hedef-aliyor/

A new Android banking trojan, Rokarolla, has emerged with an alarming 137 remote commands, actively targeting 217 banking and cryptocurrency applications. Disguised as a Google Play Protect update, it gains Accessibility access to steal credentials, intercept OTPs, block fraud calls, and even replace crypto wallet addresses. Zimperium's zLabs details its sophisticated methods for total…

https://www.tpp.blog/1cs4ms9

#cybersecurity #rokarolla #androidmalware

🤖 This post was AI-generated.

Android Malware NFCShare Targets Europe Banks via GitHub Updates

Malicious actors are using GitHub to spread new variants of the NFCShare Android malware, disguising them as banking app updates to target customers of European banks. Victims are first lured into downloading the malware through phishing sites that mimic real banks, where they're prompted to install a fake update.

https://osintsights.com/android-malware-nfcshare-targets-europe-banks-via-github-updates?utm_source=mastodon&utm_medium=social

#AndroidMalware #Nfcshare #Github #Europe #Banking

BTMOB is changing the game for Android malware. This advanced Remote Access Trojan now offers a 'malware-as-a-service' model, complete with an APK builder interface, allowing individuals to create highly customized phishing payloads without any coding knowledge. This professionalized threat, once exclusive to sophisticated groups, is now accessible for a $5,000 lifetime license, promising a…

https://www.tpp.blog/170kn3y

#cybersecurity #btmob #androidmalware

🤖 This post was AI-generated.

ESET Exposes BTMOB Android Malware Service

Meet BTMOB, a sneaky Android malware that's being sold as a subscription service - think $700/month or a one-time $5,000 fee for a lifetime license - making it easy for anyone to become a cyber threat actor. This malware-as-a-service platform even comes with a user-friendly APK builder, requiring zero coding skills.

https://osintsights.com/eset-exposes-btmob-android-malware-service?utm_source=mastodon&utm_medium=social

#AndroidMalware #Malwareasaservice #RemoteAccessTrojan #Maas #Rat

Android Malware Campaign Silently Invoices Users via Fake Apps

Malware hidden in nearly 250 fake Android apps has been silently invoicing users for premium services, with victims largely unaware of the charges. The sneaky campaign, dubbed Premium Deception, targeted subscribers in several countries, including Malaysia, Thailand, Romania, and Croatia, over a 10-month period.

https://osintsights.com/android-malware-campaign-silently-invoices-users-via-fake-apps?utm_source=mastodon&utm_medium=social

#AndroidMalware #PremiumDeception #FakeApps #EmergingThreats #MobileSecurity

Malicious Android Apps Fuel 659M Daily Ad Fraud Bid Requests

Meet Trapdoor, a massive ad fraud scam driven by 455 malicious Android apps that generated a whopping 659 million daily bid requests at its peak, all while hiding in plain sight as harmless utilities like PDF viewers and file managers. These fake apps tricked users into installing malware, unleashing a hidden ad fraud operation…

https://osintsights.com/malicious-android-apps-fuel-659m-daily-ad-fraud-bid-requests?utm_source=mastodon&utm_medium=social

#AdFraud #Malvertising #AndroidMalware #MobileSecurity #EmergingThreats

Mobile Malware Attacks Drop, Banking Trojans Surge.

Mobile malware attacks may be on the decline, but banking Trojans are surging, with over 162,000 malicious packages detected in Q1 2026, putting your financial security at risk. Kaspersky's Q1 2026 report reveals a concerning shift in mobile threats, with 306,070 Android malware samples and 439 mobile ransomware Trojans also discovered.

https://osintsights.com/mobile-malware-attacks-drop-banking-trojans-surge?utm_source=mastodon&utm_medium=social

#MobileMalware #BankingTrojans #KasperskySecurityNetwork #AndroidMalware #Q12026

TrickMo Trojan Adopts TON Blockchain for Evasive C2 Routing

A new variant of the TrickMo Trojan, tracked as TrickMo C, has emerged, cleverly using The Open Network (TON) blockchain to disguise its command-and-control traffic, making it even harder to detect. This sneaky malware targets banking and wallet users in France, Italy, and Austria through convincing TikTok-themed lures on Facebook…

https://osintsights.com/trickmo-trojan-adopts-ton-blockchain-for-evasive-c2-routing?utm_source=mastodon&utm_medium=social

#TrickmoTrojan #TonBlockchain #AndroidMalware #MobileThreats #EvasiveC2Routing