
Google sues to disrupt BadBox 2.0 botnet infecting 10 million devices

Google has filed a lawsuit against the anonymous operators of the Android BadBox 2.0 malware botnet, accusing them of running a global ad fraud scheme against the company’s advertising platforms.

The BadBox 2.0 malware botnet is a cybercrime operation that utilizes infected Android Open Source Project (AOSP) devices, including smart TVs, streaming boxes, and other connected devices that lack security protections, such as Google Play Protect.

These devices become infected either by threat actors purchasing low-cost AOSP devices, modifying the operating system to include the BadBox 2 malware, and then reselling them online, or by tricking users into downloading and installing malicious apps on their devices that contain the malware.

Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms

It’s worth noting that similar social engineering tactics have been employed by threat actors associated with the Black Basta ransomware operation.

“Victims are carefully targeted and persuaded to execute a script that triggers the download of an archive,” Morphisec CTO Michael Gorelik said. “This archive contains a renamed Notepad++ updater (GUP), a slightly modified configuration XML file, and a malicious side-loaded DLL representing the Matanbuchus loader.”

Matanbuchus 3.0 has been advertised publicly for a monthly price of $10,000 for the HTTPS version and $15,000 for the DNS version.
