
TrickMo Android banker adopts TON blockchain for covert comms

A new variant of the TrickMo Android banking malware, delivered in campaigns targeting users across Europe, introduces new commands and uses The Open Network (TON) for stealthy command-and-control communications.

The TrickMo banker was first spotted in September 2019 and has remained in active development, constantly receiving updates since then.

In October 2024, Zimperium analyzed 40 variants of the malware delivered via 16 droppers, communicating with 22 distinct command-and-control (C2) infrastructures, and targeting sensitive data belonging to users worldwide.

Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads

Cybersecurity researchers have discovered fraudulent apps on the official Google Play Store for Android that falsely claimed to offer access to call histories for any phone number, only to trick users into joining a subscription that provided fake data and incurred financial loss.

The 28 apps have collectively racked up more than 7.3 million downloads, with one of them alone accounting for over 3 million downloads, before they were taken down from the official app storefront. The activity, codenamed CallPhantom by Slovakian cybersecurity company ESET, primarily targeted Android users in India and the broader Asia-Pacific region.

“The offending apps, which we named CallPhantom based on their false claims, purport to provide access to call histories, SMS records, and even WhatsApp call logs for any phone number,” ESET security researcher Lukáš Štefanko said in a report shared with The Hacker News. “To unlock this supposed feature, users are asked to pay — but all they get in return is randomly generated data.”

New TCLBanker malware self-spreads over WhatsApp and Outlook

A new trojan named TCLBanker, which targets 59 banking, fintech, and cryptocurrency platforms, uses a trojanized MSI installer for Logitech AI Prompt Builder to infect systems.

Additionally, the malware includes self-spreading worm modules for WhatsApp and Outlook that automatically infect new victims.

The new banking trojan was discovered by Elastic Security Labs, whose researchers believe it’s a major evolution of the older Maverick/Sorvepotel malware family.

New PCPJack worm steals credentials, cleans TeamPCP infections

A new malware framework called PCPJack is stealing credentials from exposed cloud infrastructure while actively removing TeamPCP’s access to the systems.

Among the targeted services are Docker, Kubernetes, Redis, MongoDB, RayML, and vulnerable web applications. In many cases, the threat actor moves laterally on the network.

SentinelLabs researchers say that PCPJack appears designed for large-scale credential theft, and likely monetizes its activity via financial fraud, spam operations, credential resale, or extortion.

Quantum Entangles the Heavens

As the United States, Europe, and China compete to shape the future of the Earth-Moon corridor, strategic advantage will depend not only on launch capacity or lunar infrastructure, but also on advances in quantum technologies. Just as secure systems are critical on Earth, satellites and space-based systems underpin high-value, high-impact operations from financial transactions and navigation to scientific discovery and classified military missions.

Quantum technologies, which enable new levels of speed, sensitivity, and security, are emerging as critical tools to improve existing extraterrestrial systems. Modern digital communications are secured by encryption built on math problems that are extremely difficult for regular computers to solve, but that sufficiently advanced quantum computers could eventually crack. Quantum communications technologies could add a new layer of protection by making it easier to detect when someone is trying to intercept sensitive information. Quantum sensors can measure position and time with an accuracy that GPS only approximates. Lastly, quantum computers could unlock new capabilities beyond current computational limits, from designing advanced materials to optimizing increasingly complex satellite networks.

Countries are racing to match their space and quantum ambitions with national strategies. The White House is reportedly drafting an executive order to strengthen US competitiveness in quantum technologies. The rumored draft directs multiple US government bodies, including NASA, to develop a five-year roadmap to expand quantum sensing and networking capabilities. The EU’s 2025 Quantum Europe Strategy highlights “Space and Dual-Use Quantum Technologies” as one of its five strategic focuses, and China’s 15th Five-Year Plan has called for expanding the country’s ground-to-space quantum communications network.

Silicon oscillators solve computer problems that would take thousands of years using semiconductors

In the era of big data and artificial intelligence, a new approach has emerged for solving combinatorial optimization problems, which involves finding the most efficient solution among many possible options and can otherwise take thousands of years to compute.

A KAIST research team has developed computational hardware that can be implemented entirely using existing silicon processes, enabling deployment on existing fabrication lines without additional facilities. This is expected to enable faster and more accurate decision-making across various industries, including logistics, finance, and semiconductor design.

The research is published in Science Advances.

Vimeo data breach exposes personal information of 119,000 people

The ShinyHunters extortion gang stole personal information belonging to over 119,000 people after hacking the Vimeo online video platform in April, according to data breach notification service Have I Been Pwned.

Vimeo is a video hosting and streaming platform publicly traded on the Nasdaq stock market, with over 300 million registered users and over 1,100 employees, and reported revenues of $417 million for FY2024.

The company disclosed on April 27 that customer and user data had been accessed without authorization following a recent breach at Anodot, a data anomaly detection company.

Tencent, Alibaba in Talks to Invest in DeepSeek at $20 Billion-Plus Valuation

Chinese tech giants Tencent Holdings and Alibaba Group are in talks to invest in DeepSeek, the AI upstart that recently started fundraising for the first time, according to four people with knowledge of the conversations. DeepSeek, owned by Chinese hedge fund High-Flyer Capital Management, is…
