Tag: spynote

3 Attack Reports | 0 Vulnerabilities

Attack reports

Newly Registered Domains Distributing SpyNote Malware

Cybercriminals are employing deceptive websites on newly registered domains to distribute AndroidOS SpyNote malware. These sites imitate the Google Chrome install page on the Google Play Store, tricking users into downloading SpyNote, a powerful Android remote access trojan. SpyNote is used for sur…
rat
phishing
android
spynote
remote access
keylogging
data exfiltration
spymax
google play store
2025-04-10
apk dropper
androidos
2025-04-15
Published: April 15, 2025
Downloadable IOCs: 0

A Network of Harm: Gigabud Threat and Its Associates

An investigation reveals a significant connection between Gigabud and Spynote malware families, targeting over 50 financial apps including banks and cryptocurrency platforms. The campaign utilizes sophisticated distribution methods, including 11 command and control servers and 79 phishing websites …
phishing
cryptocurrency
spynote
banking trojan
2024-09-17
gigabud
android rat
Published: September 17, 2024
Downloadable IOCs: 116

New Pakistan-based Cyber Espionage Group’s Year-Long Campaign Targeting Indian Defense Forces with Android Malware

CYFIRMA researchers identified an Android malware campaign, active for over a year, targeting Indian defense personnel by an unidentified Pakistan-based cyber espionage group. The threat actor utilized Spynote or a modified version called Craxs Rat, obfuscating the app with high complexity. Through…
malware
espionage
android
pakistan
2024-05-03
2024-05-04
2024-05-05
2024-05-06
india
spynote
defense
craxs rat
Published: May 6, 2024
Downloadable IOCs: 3
Click here to see more Attack Reports