WordPress Sites Turned Into Spy Networks: Malware Hides C2 Commands in Steam Profile Comments Using Unicode Steganography
A sophisticated malware campaign has compromised approximately 1,900 WordPress sites using Steam Community profile pages as a covert C2 channel. The malware employs Unicode steganography to hide commands...
OverlayPhantom Android Banking Trojan Targets 180+ Apps Across 10 Countries
A dangerous new Android banking trojan called OverlayPhantom has been targeting users in ten countries, abusing Android's Accessibility Service to steal banking and cryptocurrency credentials from over 180...
DevilNFC: New Android Malware Traps Victims in Kiosk Mode During NFC Card Relay Attacks
DevilNFC is a new Android malware that combines NFC relay attacks with Android Kiosk Mode to trap victims inside a fake banking screen while stealing card PINs in...
CallPhantom: 28 Fake Android Apps with 7.3 Million Downloads Sold Fabricated Call History Data on Google Play
Security researchers at ESET uncovered the CallPhantom campaign — 28 fraudulent Android apps on Google Play that accumulated over 7.3 million downloads by falsely promising access to any...