Iranian hacking group AppMilad has been distributing the Android spyware RatMilad in a new attack campaign targeted at enterprise users, according to SecurityWeek.
RatMilad, which features file manipulation, audio recording, and app permission modification capabilities, has been spread by AppMilad through the VPN and phone number spoofing app Text Me, as well as the Text Me variant NumRent, a Zimperium report showed. AppMilad also created a website to promote the apps in an effort to establish legitimacy. The report also found that AppMilad's post on Telegram that linked to the malicious app has been viewed more than 4,000 times and shared more than 200 times, but the extent of infections remains inconclusive. "Though this is not like other widespread attacks we have seen in the news, the RatMilad spyware and the Iranian-based hacker group AppMilad represent a changing environment impacting mobile device security," said Zimperium Director of Mobile Threat Intelligence Richard Mellick.
A $10M ransom demand to Riot Games, a DoS in BIND and why there's no version 10, an unexpected refactor at Twilio, insights in Rust from the git security audit, SQL Slammer 20 years later, the SQLMap tool
Threat actors have been leveraging Telegram to promote the new Titan Stealer information-stealing malware, which targets Windows machines to exfiltrate browser and cryptocurrency wallet data, reports The Hacker News.