SecureList

FEBRUARY 26, 2024

million malware, adware, and riskware attacks. The most common threat to mobile devices was adware: 40.8% million malicious installation packages, 154,000 of these containing a mobile banking Trojan. The Trojan-SMS-type malware saw its activity decrease significantly, dropping six positions from 2022. 14.82 -1.81

Mobile 137

Mobile Malware Adware Banking 137

eSecurity Planet

FEBRUARY 26, 2025

Cybercriminals are shifting their focus from emails to text messages, using mishing a more deceptive form of phishing to target mobile users and infiltrate corporate networks, according to new security research by Zimperium. Zimperium found that mishing activity peaked in August 2024, with over 1,000 daily attacks recorded. What is mishing?

Phishing 87

Phishing Mobile Social Engineering Data breaches 87

The Last Watchdog

AUGUST 19, 2021

At the start of this week, word got out that hackers claimed to have seized personal data for as many as 100 million T-Mobile patrons. This stolen booty reportedly included social security numbers, phone numbers, names, home addresses, unique IMEI numbers, and driver’s license information. This was not a sophisticated attack.

Mobile 235

Mobile Data breaches Authentication Accountability 235

The Hacker News

DECEMBER 2, 2024

Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs.

Social Engineering 139

Social Engineering Malware Mobile Engineering 139

The Last Watchdog

JUNE 18, 2018

They are scrambling to invent and deliver a fresh portfolio of mobile banking services that appeal to millennials. Related articles: Hackers revamp tactics, target mobile wallets. And then we got down to discussing the high-bar banks must meet to maintain trustworthiness, while attempting to leverage mobile banking services.

Banking 173

Banking Mobile Social Engineering Authentication 173

Krebs on Security

FEBRUARY 26, 2023

Web hosting giant GoDaddy made headlines this month when it disclosed that a multi-year breach allowed intruders to steal company source code, siphon customer and employee login credentials, and foist malware on customer websites. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 327

Hacking Social Engineering Phishing Scams 327

Security Affairs

NOVEMBER 30, 2024

SpyLoan apps exploit social engineering to gain sensitive user data and excessive permissions, leading to extortion, harassment, and financial loss. Some of the malicious apps were promoted through deceptive advertising on social media. Some apps were suspended by Google from Google Play while others were updated by the developers.

Social Engineering 130

Social Engineering Media Mobile Scams 130

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. of all mobile banker attacks.

Phishing 74

Phishing Banking Scams Mobile 74

SecureWorld News

DECEMBER 10, 2024

Zimperium's zLabs team has uncovered a dangerous new variant of the Antidot banking trojan, dubbed AppLite, that is targeting Android devices through sophisticated mobile phishing (mishing) campaigns. Corporate Exploitation: Poses risks to companies by stealing credentials from employee devices used for remote work.

Mobile 108

Mobile Social Engineering Banking Phishing 108

The Last Watchdog

JUNE 13, 2018

The most profound threat to corporate networks isn’t the latest, greatest malware. With our affiliations and preferences put in play by search engines and social media, we’re perfect patsies for social engineering. Related article: Is your mobile device spying on you? It’s carbon-based life forms.

Mobile 182

Mobile Banking IoT Social Engineering 182

Heimadal Security

OCTOBER 13, 2022

New research conducted by a Dutch mobile security company recently discovered a network of phishing websites targeting Italian online-banking users to get a hold of their credentials. The post New Android Banking Malware Deployed Using Vishing appeared first on Heimdal Security Blog. How […].

Banking 124

Banking Malware Social Engineering Mobile 124

Krebs on Security

MARCH 23, 2022

Microsoft says LAPSUS$ — which it boringly calls “ DEV-0537 ” — mostly gains illicit access to targets via “social engineering.” Sources tell KrebsOnSecurity that LAPSUS$ has been recruiting insiders via multiple social media platforms since at least November 2021.

Social Engineering 333

Social Engineering Accountability Mobile Passwords 333

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks.

Mobile 135

Mobile Data breaches Telecommunications Accountability 135

Security Affairs

DECEMBER 12, 2024

These are the first known mobile malware families linked to the Russian APT. The two malware families can collect data such as SMS messages, call logs, phone call audio, photos from device cameras, device location, and contact lists. These findings tie the mobile surveillance families to Gamaredons desktop campaigns.

Mobile 99

Mobile Malware Surveillance Social Engineering 99

The Hacker News

JULY 1, 2024

The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest.

Spyware 136

Spyware Social Engineering Mobile Engineering 136

Hot for Security

JUNE 15, 2021

Our mobile devices are not just a means to communicate with others. Mobile security is often overlooked by many technology users, who dismiss the reality of security risks brought by careless interactions with the digital world. Threat actors know that users often behave recklessly with their smart devices. Back up data.

Mobile 137

Mobile Banking Phishing Social Engineering 137

The Hacker News

DECEMBER 1, 2023

Cybersecurity researchers have disclosed a new sophisticated Android malware called FjordPhantom that has been observed targeting users in Southeast Asian countries like Indonesia, Thailand, and Vietnam since early September 2023.

Banking 107

Banking Malware Social Engineering Mobile 107

SecureList

DECEMBER 17, 2024

The attackers would then send what appeared to be the photo itself but was actually a malware installer. In reality, this was malware with no parcel-tracking functionality whatsoever. Our security products detect the malware spreading via this scam as Trojan-Banker.AndroidOS.Mamont. Indicators of compromise C2 server apisys003[.]com

Scams 93

Scams Malware Social Engineering Banking 93

Security Affairs

AUGUST 23, 2024

Cybercriminals use progressive web applications (PWA) to impersonate banking apps and steal credentials from mobile users. ESET researchers detailed a phishing campaign against mobile users that uses Progressive Web Applications (PWAs).

Phishing 133

Phishing Mobile Banking Social Engineering 133

The Hacker News

NOVEMBER 20, 2023

Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data.

Social Engineering 139

Social Engineering Banking Government Mobile 139

Krebs on Security

APRIL 6, 2022

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. Most targeted employees are working from home or can be reached on a mobile device.

Social Engineering 291

Social Engineering Phishing Engineering Accountability 291

SecureWorld News

JUNE 29, 2023

In today's interconnected world, mobile devices have become an integral part of our lives, enabling seamless communication, productivity, and access to sensitive information. However, as reliance on mobile technology grows, so does the risk of cyber threats targeting these devices.

Mobile 98

Mobile IoT Social Engineering Phishing 98

Daniel Miessler

MAY 19, 2021

Top three patterns in breaches were: social engineering, basic web application attacks, and system intrusion. Top three patterns in incidents were: denial of service, basic web application attacks, and social engineering. Top three for middle: malware, hacking, social. 61% of breaches involved credentials.

Data breaches 192

Data breaches Social Engineering Ransomware Phishing 192

Security Affairs

DECEMBER 27, 2023

Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. McAfee Mobile Research Team discovered a new Android backdoor dubbed Xamalicious that can take full control of the device and perform fraudulent actions. ” reads the report published by McAfee.

Malware 131

Malware Encryption Social Engineering Marketing 131

Security Affairs

NOVEMBER 15, 2021

The malware has been active at least since late October 2021, it targeting the mobile users of banks in Italy, the UK, and the US. The trojan allows to hijack users’ mobile devices and steal funds from online banking and cryptocurrency accounts. The name comes after one of the domains used for its command and control servers.

Banking 144

Banking Mobile Social Engineering Malware 144

Security Affairs

NOVEMBER 10, 2021

Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated android spyware dubbed PhoneSpy. The malware already hit more than a thousand South Korean victims. The malware also allows an attacker to remotely control the infected mobile devices.

Spyware 145

Spyware Mobile Social Engineering Malware 145

SecureList

JANUARY 30, 2025

Introduction Since mid-2024, we’ve observed a malicious Android campaign leveraging wedding invitations as a lure to social-engineer victims into installing a malicious Android app (APK), which we have named “Tria Stealer” after unique strings found in campaign samples. Contact me at ‘[link].

Accountability 99

Accountability Malware Banking Phishing 99

Security Affairs

SEPTEMBER 24, 2024

The new malware has already targeted users in European countries, including Italy, Poland, Moldova, and Hungary. Octo2 is linked to the Exobot malware, first identified in 2016, which also gave rise to another variant called Coper in 2021. This leak likely prompted the original threat actor’s release of a new version, Octo2.

Banking 128

Banking Mobile Malware Social Engineering 128

Krebs on Security

NOVEMBER 6, 2018

that has been tracking down individuals engaged in unauthorized “SIM swaps” — a complex form of mobile phone fraud that is often used to steal large amounts of cryptocurrencies and other items of value from victims. In early July 2018, Ferri was traveling in Europe when he discovered his T-Mobile phone no longer had service.

Mobile 267

Mobile Cryptocurrency Accountability Passwords 267

Security Boulevard

JANUARY 24, 2025

A malicious generative AI chatbot dubbed "GhostGPT" is being advertised to cybercriminals on underground forums as a tool for more quickly and efficiently creating malware, running BEC attacks, and other nefarious activities, lowering the barrier for less-skilled hackers to launch attacks.

Advertising 129

Advertising Malware Social Engineering Engineering 129

Security Boulevard

DECEMBER 1, 2021

The Finnish National Cyber Security Centre (NCSC-FI) has issued a warning to citizens about the current version of the FluBot malware campaign which is affecting “tens of thousands of people in Finland.” The malware campaign leverages SMS by sending out numerous text messages, according to NCSC-FI.

Malware 145

Malware Social Engineering Engineering Mobile 145

The Last Watchdog

APRIL 28, 2020

That, of course, presents the perfect environment for cybercrime that pivots off social engineering. Social engineering invariably is the first step in cyber attacks ranging from phishing and ransomware to business email compromise ( BEC ) scams and advanced persistent threat ( APT ) hacks.

Social Engineering 174

Social Engineering Cyber Attacks Scams Engineering 174

Security Affairs

FEBRUARY 8, 2024

Email Threats: More than 75% of targeted attacks start with an email, delivering 94% of malware. Generative AI Impact : Generative AI will have a big role in cyber security, especially in areas like email protection and fighting social engineering attacks. Cyber Skills Gap: By 2025, there could be 3.5

Social Engineering 142

Social Engineering Cyber Attacks Cyber Insurance IoT 142

Security Boulevard

JUNE 28, 2024

The post Temu is Malware — It Sells Your Info, Accuses Ark. Chinese fast-fashion-cum-junk retailer “is a data-theft business.” AG appeared first on Security Boulevard.

Malware 137

Malware Retail Social Engineering Data privacy 137

Bleeping Computer

FEBRUARY 15, 2024

A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. [.]

Social Engineering 112

Social Engineering Banking Malware Engineering 112

CyberSecurity Insiders

MAY 28, 2023

Malware Analysis: Explore malware types, their behavior, and the techniques used for analyzing and detecting them. Investigate malware’s propagation methods, evasion techniques, and methods for identifying and mitigating potential threats.

Cybersecurity 111

Cybersecurity Penetration Testing Social Engineering IoT 111

Schneier on Security

JUNE 20, 2018

To achieve this the adversary might use social engineering techniques such as phishing and vishing and/or tools such as Man-in-the-Browser malware. For example, an adversary can try to trick a victim into transferring money to a different account than the one intended.

Authentication 181

Authentication Banking Social Engineering Mobile 181