RATs Spread Via Fake Skype, Zoom, Google Meet Sites
Zscaler’s ThreatLabz discovered malware spreading SpyNote RAT to Android and NjRAT/DCRat to Windows
Android is Google's mobile operating system, whose apps, devices, and updates create a broad security surface for vulnerabilities and advisories.
Search across headline titles and summaries.
Background for this topic.
Android is an open-source operating system for mobile devices based on the Linux kernel, supporting apps primarily written in Java and Kotlin. Its architecture enforces app sandboxing and a permission model to isolate apps and restrict access to sensitive data or system features. However, Android’s allowance for installing apps from unofficial sources increases exposure to malicious software outside the vetted app store environment.
Security risks on Android include malware distribution via sideloaded apps, privilege escalation exploiting OS or pre-installed app vulnerabilities, and data leakage through excessive app permissions. Fragmentation in device models and delayed security updates complicate patch management, making timely application of security patches and careful permission control essential defensive practices for reducing attack surfaces on Android devices. Understanding these factors is critical for managing vulnerabilities in both consumer and enterprise contexts.
Zscaler’s ThreatLabz discovered malware spreading SpyNote RAT to Android and NjRAT/DCRat to Windows
Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a variety of malware targeting both Android and Windows users since December 2023
A Russian-language campaign aims to compromise corporate users on both Windows and Android devices by mimicking popular online collaboration applications.
Microsoft has unexpectedly announced they are ending support for the Windows Subsystem for Android next year on March 5th. [...]
Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme