#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Accessibility Service | Breaking Cybersecurity News | The Hacker News

Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries

Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries

Feb 19, 2024 Malware / Mobile Security
The Android banking trojan known as  Anatsa  has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. "Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play's enhanced detection and protection mechanisms," ThreatFabric  said  in a report shared with The Hacker News. "All droppers in this campaign have demonstrated the capability to bypass the restricted settings for accessibility service in Android 13." The campaign, in total, involves five droppers with more than 100,000 total installations. Also known by the name TeaBot and Toddler, Anatsa is known to be distributed under the guise of seemingly innocuous apps on the Google Play Store. These apps, called droppers, facilitate the installation of the malware by circumventing security measures imposed by Google that seek to grant sensitive permissions. In June 2023, the Dutch mobile security firm
Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication

Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication

Dec 21, 2023 Mobile Security / Banking Trojan
Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a restructured and enhanced iteration of its predecessor, this evolved Chameleon variant excels in executing Device Takeover (DTO) using the accessibility service, all while expanding its targeted region," Dutch mobile security firm ThreatFabric  said  in a report shared with The Hacker News. Chameleon was  previously documented  by Cyble in April 2023, noting that it had been used to single out users in Australia and Poland since at least January. Like other banking malware, it's known to abuse its permissions to Android's accessibility service to harvest sensitive data and conduct overlay attacks. The rogue apps containing the earlier version were hosted on phishing pages and found to impersonate genuine institutions in the countries, such as the Australian Taxation Offic
How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)

How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)

Feb 19, 2024Network Detection and Response
Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response. Are you aware of  Network Detection and Response (NDR)  and how it's become the most effective technology to detect cyber threats?  NDR massively upgrades your security through risk-based alerting, prioritizing alerts based on the potential risk to your organization's systems and data. How? Well, NDR's real-time analysis, machine learning, and threat intelligence provide immediate detection, reducing alert fatigue and enabling better decision-making. In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false positives and efficient threat response. Why Use Risk-Based Alerting? Risk-based alerting is an approach where security alerts and responses are prioritized based on the level of risk they pose to an organization's system
Cybersecurity Resources