• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   android

New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa
  • Posted on:June 11, 2020 at 5:25 am
  • Posted in:Malware, Mobile
  • Author:
    Trend Micro
0

While tracking Earth Empura, also known as POISON CARP/Evil Eye, we identified an undocumented Android spyware we have named ActionSpy (detected by Trend Micro as AndroidOS_ActionSpy.HRX). During the first quarter of 2020, we observed Earth Empusa’s activity targeting users in Tibet and Turkey before they extended their scope to include Taiwan. The campaign is reportedly targeting victims related to Uyghurs by compromising their Android and iOS mobile devices. This group is known to use watering hole attacks, but we recently observed them using phishing attacks to deliver their malware.

Read More
Tags: ActionSpyandroidEarth EmpusaEkranUyghur

Barcode Reader Apps on Google Play Found Using New Ad Fraud Technique
  • Posted on:June 4, 2020 at 7:00 am
  • Posted in:Malware, Mobile
  • Author:
    Trend Micro
0

We recently saw two barcode reader apps in Google Play, together downloaded more than a million times, that started showing unusual behavior (Trend Micro detects these as AndroidOS_HiddenAd.HRXJA). This includes behavior that can be seen even when the user is not actively using the phones

Read More
Tags: androidbarcode reader

Coronavirus Update App Leads to Project Spy Android and iOS Spyware
  • Posted on:April 14, 2020 at 5:58 am
  • Posted in:Malware, Mobile
  • Author:
    Trend Micro
0

We discovered a cyberespionage campaign we have named Project Spy infecting Android and iOS devices with spyware by using the coronavirus disease (Covid-19) as a lure.

Read More
Tags: androidcampaigncyberespionageiOSProject Spy

Operation Poisoned News: Hong Kong Users Targeted With Mobile Malware via Local News Links
  • Posted on:March 24, 2020 at 5:01 am
  • Posted in:Malware, Mobile
  • Author:
    Trend Micro
0

A recently discovered watering hole attack has been targeting iOS users in Hong Kong. The campaign uses links posted on multiple forums that supposedly lead to various news stories. While these links lead users to the actual news sites, they also use a hidden iframe to load and execute malicious code. The malicious code contains exploits that target vulnerabilities present in iOS 12.1 and 12.2. Users that click on these links with at-risk devices will download a new iOS malware variant, which we have called lightSpy.

Read More
Tags: androiddmsSpyiOSlightSpyOperation Poisoned News

Dissecting Geost: Exposing the Anatomy of the Android Trojan Targeting Russian Banks
  • Posted on:March 5, 2020 at 3:58 am
  • Posted in:Malware, Mobile
  • Author:
    Vit Sembera (Threats Analyst)
0

We dug deeper into the behavior of Geost, a trojan targetting Russian banks, by reverse engineering a sample of the malware. The trojan employed several layers of obfuscation, encryption, reflection, and injection of non-functional code segments that made it more difficult to reverse engineer.

Read More
Tags: androidGeostMalwareRussianTrojan
Page 1 of 3012 › »

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Patch Tuesday: Fixes for ‘Wormable’ Windows DNS Server RCE, SharePoint Flaws
  • Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts
  • US and European companies Top Targets of CEO Fraud
  • Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902
  • Company CFOs Targeted The Most By BEC Schemes

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.