Antonio Roman

🚨 NEW Android RAT alert: Mirax Hit 220,000+ accounts via Meta ads, targeting Spain, disguised as IPTV / sports streaming apps. 🏦 Targets 182 banking & crypto apps using HTML overlays 🔁 NEW: turns infected phones into SOCKS5 residential proxy nodes Mobile banking trojans are now doubling as proxy botnets. The convergence is here. Sold as private MaaS, $2,500/3mo. Hosted on GitHub. Hash-rotated daily to dodge detection. 🔗Dropper: koodous.com/apks/53de68ebe… koodous.com/apks/759eed826… 🔗Implant: koodous.com/apks/88e6e4a54… koodous.com/apks/29577570d… #AndroidMalware #Mirax #BankingTrojan #ResidentialProxy #Koodous

Buenas noticias ☺️ larazon.es/ciencia/carlos…

🚨 NEW THREAT: "Perseus", a new Android banking malware that reads your NOTES. Built on Cerberus/Phoenix code, it disguises as IPTV apps and can: 🔍 Scan all your notes 📱 Full device takeover via Accessibility Services 🎭 Overlay attacks on banking & crypto apps 🛡️ Advanced anti-analysis Targets: Turkey, Italy, Poland, Germany, France, UAE, Portugal + crypto wallets. Developers likely used LLMs to build it. The game keeps evolving. We had this Perseus payload on Koodous before it made headlines. Early access to samples is what community-driven intelligence looks like: 🔗 Sample details: koodous.com/apks/2524e9d5e… #AndroidMalware #Perseus #MobileSecurity #ThreatIntelligence #Koodous

Zimperium just published their research on #ArsinkRAT, but at @koodous_project we've had over 1,000 samples from this campaign detected for months, available for community analysis. Here are some examples: 🔗koodous.com/apks/9dd189d12… 🔗koodous.com/apks/5032729a6… 🔗koodous.com/apks/e167c6ee1…

☁️ A massive #Android RAT operation is hiding inside #Google's own infrastructure. "Arsink" abuses Firebase, Google Apps Script, and Google Drive as C2 channels, making its traffic look like normal cloud activity. It steals SMS (including OTPs), contacts, call logs, location, and media files. It impersonates dozens of popular brands and distributes via Telegram, Discord, and MediaFire. 🔍Even after Google's takedown, it keeps coming back with new variants. #AndroidSecurity #Malware #Koodous #ThreatIntelligence #Google

🚨 FvncBot, SeedSnatcher and the upgraded ClayRat variant are a wake-up call: mobile banking and crypto “security” often looks safer in marketing than in real life. Attackers evolve in weeks. App stores, banks and wallets still respond in months. If we want to keep up, crowdsourced Android threat intelligence isn’t optional, it’s the baseline. 🔐 #Android #Malware #CyberSecurity #Koodous

⚠️New Android RAT “Fantasy Hub” sold as Russian MaaS uses fake Google Play pages, a Telegram bot and powerful SMS abuse to hijack devices and drain bank accounts. Tracking samples with the community on Koodous. 👇More details in the article below #AndroidMalware #MalwareAnalysis #ThreatIntel linkedin.com/pulse/fantasy-…

🚨 New threat alert! 🚨 Researchers unveiled #Pixnapping, a novel class of attacks allowing a malicious Android app to stealthily leak information displayed by other apps or websites. This attack exploits Android APIs and a hardware side channel. It can steal 2FA codes (e.g., from Google Authenticator in under 30 seconds), chat messages, and emails. Key details: * Affects nearly all modern Android devices, demonstrated on Google/Samsung phones * The malicious app requires NO Android permissions * Tracked as CVE-2025-48561 Read the paper: pixnapping.com #AndroidSecurity #InfoSec #Cybersecurity

New Android banking trojan on the loose: Klopatra. Aimed at stealing creds & taking over devices. We’ve already spotted multiple samples on Koodous. Dive in, hunt, and tag to help the community—search Klopatra on Koodous now. #AndroidMalware #ThreatIntel #BankingTrojan #RAT Some samples in #koodous koodous.com/apks/b77879e45… koodous.com/apks/ecf0a143d…

🔍 How does Koodous Mobile work? Protect your device through real-time, collaborative security: 1️⃣ Download the app 2️⃣ Koodous analyzes your apps 3️⃣ Compares with our community database 4️⃣ Detects malicious behavior 5️⃣ Gets alerts 6️⃣ Contribute to the global repository 🚀 Mobile security made simple. #CyberSecurity #Koodous #antivirus

New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits More information: thehackernews.com/2025/08/new-an… #android #Malware #koodous #NFC #malwarebanking You can find sample examples: koodous.com/apks/8495254f3… koodous.com/apks/778d6147a… koodous.com/apks/1fc3b3bec… koodous.com/apks/ed1dfa589…

Falsos PDF ejecutables: APT36 ataca infraestructuras críticas con archivos .desktop unaaldia.hispasec.com/2025/08/falsos…

@quironsalud penoso en la gestión de sus sistemas informáticos, es rara la vez que en urgencias funciona todo como debe. Tres horas esperando porque el sistema de cita internas de urgencias no funcionaba cuando llegué. Así que caí en el limbo y cualquier prueba analítica pasa a ser de las últimas #penoso #quironmalaga

UNE lanza en español el primer estándar global sobre gestión de la inteligencia artificial  unaaldia.hispasec.com/2025/07/une-la…

Alerta: Más de 40 extensiones fraudulentas de Firefox vacían tus criptomonedas unaaldia.hispasec.com/2025/07/alerta…

16 mil millones de credenciales al descubierto: ¿el robo del siglo o un espejismo? unaaldia.hispasec.com/2025/06/filtra…

Configuraciones inseguras de GitHub Actions ponen en riesgo proyectos open source unaaldia.hispasec.com/2025/06/github…

🟢 En el #DES2025, María Luisa Ulgar (@WomANDigital_ ), Almudena Parra (@hispasec) y Marta Tolosa (EMEA) nos hablan del Foro Mujeres Ciberlíderes: una red de mujeres referentes en tecnología y ciberseguridad que actúa como motor de cambio en Andalucía. 📍Stand @andaluciajunta #AndaluciaDigitalizADA

A TWO-TIME ROLAND-GARROS CHAMPION CARLOS ALCARAZ