MoqHao Android Malware Evolves with Auto-Execution Capability
Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction
Android is Google's mobile operating system, whose apps, devices, and updates create a broad security surface for vulnerabilities and advisories.
Search across headline titles and summaries.
Background for this topic.
Android is an open-source operating system for mobile devices based on the Linux kernel, supporting apps primarily written in Java and Kotlin. Its architecture enforces app sandboxing and a permission model to isolate apps and restrict access to sensitive data or system features. However, Android’s allowance for installing apps from unofficial sources increases exposure to malicious software outside the vetted app store environment.
Security risks on Android include malware distribution via sideloaded apps, privilege escalation exploiting OS or pre-installed app vulnerabilities, and data leakage through excessive app permissions. Fragmentation in device models and delayed security updates complicate patch management, making timely application of security patches and careful permission control essential defensive practices for reducing attack surfaces on Android devices. Understanding these factors is critical for managing vulnerabilities in both consumer and enterprise contexts.
Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction
A new version of the XLoader Android malware was discovered that automatically executes on devices it infects, requiring no user interaction to launch. [...]
Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data
Google has launched a new pilot program to fight financial fraud by blocking the sideloading of Android APK files that request access to risky permissions. [...]
The initiative aim to tackle mobile fraud by auto-blocking apps seeking sensitive permissions
The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy