ESET researchers have identified 12 Android espionage apps that share the same malicious code; six were available on Google Play. All the observed applications were advertised as messaging tools, apart from one that posed as a news app. In the background, these apps covertly execute remote access trojan (RAT) code
Infoblox has published a second threat report with critical updates on “Decoy Dog,” the remote access trojan (RAT) toolkit they discovered and disclosed in April 2023. The malware uses DNS to establish command and control (C2) and is suspected as a secret tool used in ongoing nation-state cyber attacks. The
ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with malicious functionality most likely added in August 2022. During its existence, the app was installed on more than 50,000 devices.