Mar 29, 2025Ravie LakshmananThreat Intelligence / Mobile Security Cybersecurity researchers have discovered a new Android banking malware called Crocodilus that's primarily designed to target users in Spain and Turkey. "Crocodilus enters the scene not as a simple clone, but as a fully-fledged threat from the outset, equipped with modern techniques such as remote control, … [Read more...] about New Android Trojan Crocodilus Abuses Accessibility to Steal Banking and Crypto Credentials
Android
Protecting Android, Windows, and Linux devices against being tracked via the Find My network
AirTags are a popular tracking device used by anyone from forgetful key owners to those with malicious intent, such as jealous spouses and car thieves. Using AirTags for spying is simple: a tag is discreetly placed on the target to allow their movements to be conveniently monitored using Apple Find My. We’ve even added protection from AirTag-based tracking to our products for … [Read more...] about Protecting Android, Windows, and Linux devices against being tracked via the Find My network
Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
Feb 28, 2025Ravie LakshmananMobile Security / Zero-Day A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. "The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android … [Read more...] about Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification
Feb 11, 2025Ravie LakshmananMobile Security / Machine Learning Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. "Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while … [Read more...] about Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification
New Tria stealer intercepts text messages on Android
Getting married is certainly one of the most important events in anyone’s life. And in many cultures, it’s customary to invite hundreds of guests to the celebration — including some you barely know. Cybervillains take advantage of such traditions, using wedding invitations as bait to launch attacks on Android smartphone users. Here’s what threat actors have come up with this … [Read more...] about New Tria stealer intercepts text messages on Android
This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
Dec 05, 2024Ravie LakshmananCryptocurrency / Mobile Security As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. "DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging … [Read more...] about This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
Google’s New Restore Credentials Tool Simplifies App Login After Android Migration
Nov 25, 2024Ravie LakshmananMobile Security / Privacy Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android's Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the … [Read more...] about Google’s New Restore Credentials Tool Simplifies App Login After Android Migration
TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns
Oct 15, 2024Ravie LakshmananMobile Security / Financial Fraud New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's unlock pattern or PIN. "This new addition enables the threat actor to operate on the device even while it is locked," Zimperium security researcher Aazim Yaswant said in an … [Read more...] about TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns
Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%
Sep 25, 2024Ravie LakshmananSecure Coding / Mobile Security Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not … [Read more...] about Google’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%
Necro Android Malware Found in Popular Camera and Browser Apps on Play Store
Sep 24, 2024Ravie LakshmananMobile Security / Malware Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively downloaded 11 million times. They … [Read more...] about Necro Android Malware Found in Popular Camera and Browser Apps on Play Store