BTMOB Android malware service generates custom phishing payloads
An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware payloads tailored to phishing lures. [.
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
367 articles found
An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware payloads tailored to phishing lures. [.
Carnival Corporation, one of the world’s largest cruise operators, confirmed a data breach weeks after the ShinyHunters hacking group claimed it had stolen m...
Delivered via phishing lures, the malware combines financial theft with data exfiltration and remote access. The post New BTMOB Android Malware Enables Full ...
A newly disclosed phishing technique dubbed “VaultJacking” is raising serious concerns across the cybersecurity community after researchers demonstrated how ...
Hackers are actively deploying VIP Keylogger through phishing emails disguised as routine business documents, using multi‑layered loaders, steganography, and...
A new phishing-driven malware campaign distributing a stealthy PureLogs variant that leverages advanced evasion techniques, including process hollowing via M...
The Silent Ransom Group (SRG) is running a new wave of hands‑on social engineering attacks against law firms, posing as internal IT support to steal sensitiv...
India’s largest public sector bank, State Bank of India (SBI), has issued a fresh cybersecurity alert warning customers about an ongoing phishing campaign ta...
Doppel Email Security utilizes autonomous agents and its Doppel 360 Threat Graph to investigate threats within the inbox.
SRG actors initiate attacks by posing as IT support staff, contacting victims via phone calls or phishing emails to solicit a remote desktop session.
Career-themed phishing lures targeted employees of US domestic airlines during Operation Epic Fury.
Group-IB uncovered Ghost Stadium phishing and 4300 fake FIFA World Cup domains targeting fans
As AI accelerates phishing, session hijacking, and credential abuse, security teams are racing to close the gap between attacker speed and defensive response...
The CypherLoc attack begins with a phishing email containing a malicious link or attachment.
So, you've enabled multi-factor authentication. You've taught your staff never to type their passwords into dodgy-looking login pages.
Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators deliberately avoid domestic targets
Chinese-language phishing-as-a-service (PhaaS) communities are expanding in an area historically dominated by Russian-speaking cybercriminal groups. The Goog...
BTMOB Android RAT sold as a service with a no-code builder for fast, regional phishing lures
FortiGuard Labs analyzed a new phishing campaign that uses obfuscated JavaScript, PowerShell, process hollowing, and PureLogs to steal sensitive data
At the Span Cyber Security Arena conference, I sat down with Eric Woodruff, Chief Identity Architect at Semperis, to talk about how organizations perceive id...