#SMS #SPAM #SCAM #PHISHING #BETRUG
Diese SMS hatte ich heute morgen auf meinem Smartphone.
Dabei hab‘ ich gar kein Konto bei der Sparkasse 😌
Ist wohl ne üble Betrugsmasche. Die Rufnummer schon als Gefahr gelistet. Am besten (als Spam) melden und ab in die 🚮
Newly Registered Domains Distributing SpyNote Malware
Cybercriminals are employing deceptive websites on newly registered domains to distribute AndroidOS SpyNote malware. These sites imitate the Google Chrome install page on the Google Play Store, tricking users into downloading SpyNote, a powerful Android remote access trojan. SpyNote is used for surveillance, data exfiltration, and remote control of infected devices. The investigation uncovered multiple domains, IP addresses, and APK files associated with this campaign. The malware utilizes various C2 endpoints for communication and data exfiltration, with functions designed to retrieve and manipulate device information, contacts, SMS, and applications.
Pulse ID: 67feb504b76dd387be73309b
Pulse Link: https://otx.alienvault.com/pulse/67feb504b76dd387be73309b
Pulse Author: AlienVault
Created: 2025-04-15 19:35:32
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APK #Android #Chrome #CyberSecurity #DoS #Endpoint #Google #GooglePlay #InfoSec #Malware #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #SMS #SpyNote #Trojan #bot #AlienVault
the reason…
#reason #excuse #sms #frogs #seized #smartphone #animatedgif
the reason…
#reason #excuse #sms #frogs #seized #smartphone #animatedgif
A busy student's credit score was getting affected, since she missed her monthly payment. She was busy with exams. Her brother helped her by setting up a #PalUpNow! #reminder. That worked. All she needed was a gentle #SMS nudge.
#life #mobile #school #bills
👇🏽
🕰️Student Pays Monthly Bill On Time With A Nudge From Reminders
https://palupnow.com/blogs/f/busy-student-pays-monthly-bill-on-time-with-help-from-reminders
North Korean APT37 Mobile Spyware Discovered
A new Android spyware called KoSpy has been attributed to the North Korean group APT37 (ScarCruft). The malware, active since March 2022, targets Korean and English-speaking users by masquerading as utility apps. KoSpy uses a two-stage C2 infrastructure, retrieving initial configurations from Firebase cloud databases. It can collect extensive data, including SMS messages, call logs, location, files, audio, and screenshots via dynamically loaded plugins. The spyware has been distributed through Google Play and third-party app stores. Evidence suggests infrastructure sharing with APT43 (Kimsuky), another North Korean state-sponsored group. KoSpy's capabilities include collecting sensitive information, recording audio, capturing screenshots, and keylogging. The campaign targets Korean and English speakers, with samples available on Google Play and third-party stores.
Pulse ID: 67faa89090f9e91934f02cf2
Pulse Link: https://otx.alienvault.com/pulse/67faa89090f9e91934f02cf2
Pulse Author: AlienVault
Created: 2025-04-12 17:53:20
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#APT37 #Android #Cloud #CyberSecurity #Google #GooglePlay #InfoSec #Kimsuky #Korea #Malware #NorthKorea #OTX #OpenThreatExchange #RAT #SMS #ScarCruft #SpyWare #UK #bot #AlienVault
John M.
OTX Bot
Koreus
Slim Bill (He/Him)
Debacle
@Om
@Om*
@Om*
PalUpNow! 🩵
