-
New Herodotus Android malware fakes human typing to avoid detection
A new Android malware family, Herodotus, uses random delay injection in its input routines to mimic human behavior on mobile devices and evade timing-based detection by security software.
- October 28, 2025
- 06:00 AM
1
-
Android malware uses VNC to give attackers hands-on access
A new Android banking and remote access trojan (RAT) dubbed Klopatra disguised as an IPTV and VPN app has infected more than 3,000 devices across Europe.
- October 01, 2025
- 02:33 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
ERMAC Android malware source code leak exposes banking trojan infrastructure
The source code for version 3 of the ERMAC Android banking trojan has been leaked online, exposing the internals of the malware-as-a-service platform and the operator's infrastructure.
- August 18, 2025
- 02:12 PM
- 0
-
Coyote malware abuses Windows accessibility framework for data theft
A new variant of the banking trojan 'Coyote' has begun abusing a Windows accessibility feature, Microsoft's UI Automation framework, to identify which banking and cryptocurrency exchange sites are accessed on the device for potential credential theft.
- July 22, 2025
- 01:54 PM
- 0
-
Android malware Anatsa infiltrates Google Play to target US banks
The Anatsa banking trojan has sneaked into Google Play once more via an app posing as a PDF viewer that counted more than 50,000 downloads.
- July 08, 2025
- 11:00 AM
- 1
-
Godfather Android malware now uses virtualization to hijack banking apps
A new version of the Android malware "Godfather" creates isolated virtual environments on mobile devices to steal account data and transactions from legitimate banking apps.
- June 19, 2025
- 03:54 PM
- 0
-
New DroidBot Android malware targets 77 banking, crypto apps
A new Android banking malware named 'DroidBot' attempts to steal credentials for over 77 cryptocurrency exchanges and banking apps in the UK, Italy, France, Spain, and Portugal.
- December 04, 2024
- 01:26 PM
- 0
-
Android malware "FakeCall" now reroutes bank calls to attackers
A new version of the FakeCall malware for Android hijacks outgoing calls from a user to their bank, redirecting them to the attacker's phone number instead.
- October 30, 2024
- 10:50 AM
- 0
-
TrickMo malware steals Android PINs using fake lock screen
Forty new variants of the TrickMo Android banking trojan have been identified in the wild, linked to 16 droppers and 22 distinct command and control (C2) infrastructures, with new features designed to steal Android PINs.
- October 14, 2024
- 01:34 PM
- 0
-
New Octo Android malware version impersonates NordVPN, Google Chrome
A new version of the Octo Android malware, named "Octo2," has been seen spreading across Europe under the guise of NordVPN, Google Chrome, and an app called Europe Enterprise.
- September 24, 2024
- 05:00 AM
- 0
-
New Medusa malware variants target Android users in seven countries
The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey.
- June 25, 2024
- 01:02 PM
- 0
-
Over 90 malicious Android apps with 5.5M installs found on Google Play
Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity.
- May 28, 2024
- 05:48 PM
- 7
-
Banking malware Grandoreiro returns after police disruption
The banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks.
- May 18, 2024
- 10:12 AM
- 0
-
Finland warns of Android malware attacks breaching bank accounts
Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts.
- May 05, 2024
- 10:19 AM
- 0
-
New Brokewell malware takes over Android devices, steals data
Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches.
- April 25, 2024
- 06:00 AM
- 2
-
SoumniBot malware exploits Android bugs to evade detection
A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure.
- April 17, 2024
- 05:38 PM
- 0
-
Vultur banking malware for Android poses as McAfee Security app
Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities and an improved evasion mechanism.
- March 30, 2024
- 11:56 AM
- 0
-
PixPirate Android malware uses new tactic to hide on phones
The latest version of the PixPirate banking trojan for Android employs a previously unseen method to hide from the victim while remaining active on the infected device even if its dropper app has been removed.
- March 13, 2024
- 02:13 PM
- 1
-
Hackers abuse Google Cloud Run in massive banking trojan campaign
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban.
- February 21, 2024
- 04:07 PM
- 0
-
Anatsa Android malware downloaded 150,000 times via Google Play
The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play.
- February 19, 2024
- 08:34 AM
- 1
.jpg)
