An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware payloads tailored to phishing lures. […]
Tag: trojan
AI, Europe, Global Security News, malware
Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
Latin America and Europe become the target of two banking trojan campaigns that are designed to infect Windows and Android devices with Grandoreiro and BTMOB malware, respectively. That’s according to new findings from WatchGuard and ESET, which have observed the two malware families being used to single out companies in Spain, Portugal, and Mexico, as…
Cybersecurity, Global Security News, Network Security
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The new variant, observed by ThreatFabric between January and February 2026, has been observed actively targeting banking and cryptocurrency wallet users in France, Italy, and Austria. “TrickMo relies on a runtime-loaded APK (dex.module),
AI, Apps, Global Security News, malware, Network Security
Android banking Trojan TrickMo evolves using TON network for C2
ThreatFabric found a new TrickMo Android trojan focused on stealth and persistence, moving its command-and-control traffic to the TON network. Security researchers at ThreatFabric have recently identified a new version of TrickMo, a dangerous Android banking trojan that shows how malware operators are focusing less on flashy new features and more on improving stealth, flexibility,…
Global Security News, Network Security
TrickMo Variant Routes Android Trojan Traffic Through TON
ThreatFabric finds new TrickMo Android banking trojan variant routing C2 through The Open Network
Global Security News, malware
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
Threat hunters have flagged a previously undocumented Brazilian banking trojan dubbed TCLBANKER that’s capable of targeting 59 banking, fintech, and cryptocurrency platforms. The activity is being tracked by Elastic Security Labs under the moniker REF3076. The malware family is assessed to be a major update of the Maverick, which is known to leverage a worm…
AI, Global Security News
New TCLBanker malware self-spreads over WhatsApp and Outlook
A new trojan named TCLBanker, which targets 59 banking, fintech, and cryptocurrency platforms, uses a trojanized MSI installer for Logitech AI Prompt Builder to infect systems. […]
Global Security News
Yet Another Way to Bypass Google Chrome’s Encryption Protection
Authors of the VoidStealer Trojan uncovered a way to get around Google’s App-Bound Encryption (ABE), opening the door to infostealers.
Europe, Global Security News
Mirax Android Trojan Turns Devices Into Residential Proxy Nodes
Security researchers warn of Mirax, an emerging Android banking trojan using MaaS, remote access and residential proxies to target European users
Global Security News, Government & Policy
Infoblox Threat Intel research links global mobile banking fraud wave to Cambodian scam compounds
GUEST RESEARCH: Android Trojan tied to forced-labour scam centres impersonates banks and governments in at least 21 countries, bypassing biometrics and SMS security.
Global Security News
Android Banking Trojan Linked to Cambodia Scam Compounds Hits 21 Countries
Android banking trojan linked to Cambodia scam compounds uses forced labour to target users in 21 countries, bypassing security to steal funds.
Global Security News
STX RAT Targets Finance Sector With Advanced Stealth Tactics
STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery methods
AI, Global Security News, malware
Real-Time Banking Trojan Strikes Brazil’s Pix Users
The latest banking Trojan campaign to hit Brazil combines classic malware with a real-time human operator, waiting for the perfect moment to strike.
Global Security News
PixRevolution Malware Hijacks Brazil’s PIX Transfers in Real Time
PixRevolution Android trojan hijacks Brazil’s PIX payments in real time using accessibility abuse
Global Security News, malware
New PixRevolution Malware Steals Brazil’s PIX Transfers in Real Time
Researchers have discovered PixRevolution, a new Android banking trojan targeting Brazil’s PIX system. Unlike automated scams, this malware uses live operators to watch your screen and divert funds instantly.
Global Security News
BeatBanker Android Trojan Uses Silent Audio Loop to Steal Crypto
BeatBanker Android Trojan spreads via fake Google Play Store pages, using a silent audio loop to stay active while stealing crypto, banking data, and login credentials.
Global Security News
Fake Xeno and Roblox Utilities Used to Install Windows RAT, Microsoft Warns
Fake Xeno and Roblox gaming tools are spreading a Windows RAT (remote access trojan) using PowerShell and LOLBins, Microsoft Threat Intelligence warns.
Cybersecurity, Global Security News
$300 a Month Android Malware ‘Oblivion’ Uses Fake Updates to Hijack Phones
Cybersecurity researchers at Certo reveal Oblivion, a new Android Trojan targeting major brands like Samsung and Xiaomi. It bypasses security to steal passwords and bank codes.
AI, Apps, Cybersecurity, Global Security News, malware
Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users
Cybersecurity researchers have disclosed details of a new Android trojan called Massiv that’s designed to facilitate device takeover (DTO) attacks for financial theft. The malware, according to ThreatFabric, masquerades as seemingly harmless IPTV apps to deceive victims, indicating that the activity is primarily singling out users looking for the online TV applications. “This new threat,…
Europe, Global Security News
New ‘Massiv’ Android banking malware poses as an IPTV app
A newly identified Android banking trojan named Massiv has been under active distribution across south Europe, disguised as an IPTV app. […]