Warning: Undefined variable $comments_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 527

New Android Banking Trojan Uses Hidden VNC to Steal Credentials

A newly discovered Android banking Trojan is employing a sophisticated technique using hidden Virtual Network Computing (VNC) to steal user credentials and bypass security measures. This malware targets banking apps by creating a hidden VNC session that allows attackers to remotely control the infected device without the user's knowledge. The Trojan is capable of intercepting two-factor authentication codes and capturing sensitive information, making it a significant threat to mobile banking security. Security researchers have identified this Trojan as a new variant that leverages advanced evasion tactics to avoid detection by antivirus software and security systems. The malware spreads primarily through malicious apps disguised as legitimate banking or financial tools, often distributed via third-party app stores or phishing campaigns. Once installed, it requests accessibility permissions to enable its remote control features. Users are advised to only download apps from official sources, keep their devices updated, and use multi-factor authentication methods to mitigate risks. This emerging threat highlights the evolving tactics of cybercriminals targeting mobile banking platforms and underscores the importance of robust mobile security practices.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 01 Oct 2025 06:50:13 +0000

Cyber News related to New Android Banking Trojan Uses Hidden VNC to Steal Credentials

New Android Banking Trojan Uses Hidden VNC to Steal Credentials - A newly discovered Android banking Trojan is employing a sophisticated technique using hidden Virtual Network Computing (VNC) to steal user credentials and bypass security measures. This malware targets banking apps by creating a hidden VNC session ...
2 days ago Cybersecuritynews.com

Ten new Android banking trojans targeted 985 bank apps in 2023 - This year has seen the emergence of ten new Android banking malware families, which collectively target 985 bank and fintech/trading apps from financial institutes across 61 countries. Banking trojans are malware that targets people's online bank ...
1 year ago Bleepingcomputer.com

Android malware and unwanted software statistics for Q1 2024 - Over 389,000 malicious installation packages were detected, of which: 11,729 packages were related to mobile banking Trojans, 1,990 packages were mobile ransomware Trojans. The rapid growth in the total number of attacks between Q2 and Q4 2023 is ...
1 year ago Securelist.com

ToxicPanda Android Banking Malware Infected 4500+ Devices to Steal Banking Credentials - A sophisticated Android banking trojan known as ToxicPanda has successfully infiltrated over 4500 mobile devices across Europe, representing one of the most significant mobile banking malware campaigns observed in recent years. The malware shows ...
2 months ago Cybersecuritynews.com

PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions - A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. Italian cybersecurity company Cleafy, which discovered the malware between the end of 2022 and the beginning of ...
2 years ago Thehackernews.com

29 malware families target 1,800 banking apps worldwide - Mobile banking is outpacing online banking across all age groups due to its convenience and our desire to have those apps at our fingertips, according to Zimperium. This surge is accompanied by a dramatic growth in financial fraud. The research ...
1 year ago Helpnetsecurity.com

Chameleon Android Trojan Offers Biometric Bypass - A new variant of an Android banking Trojan has appeared that can bypass biometric security to break into devices, demonstrating an evolution in the malware that attackers now are wielding against a wider range of victims. Spread through phishing ...
1 year ago Darkreading.com

New Banking Malware DoubleTrouble Attacking Users Via Phishing Sites To Steal Banking Credentials - DoubleTrouble represents a concerning evolution in mobile banking malware, combining traditional overlay attacks with cutting-edge capabilities including comprehensive screen recording, advanced keylogging, and real-time device manipulation. ...
2 months ago Cybersecuritynews.com

Beware, iPhone Users: iOS GoldDigger Trojan can Steal Face ID and Banking Details - Numerous people pick iPhones over Android phones because they believe iPhones are more secure. This may no longer be the case due to the emergence of a new banking trojan designed explicitly to target iPhone users. According to a detailed report by ...
1 year ago Cysecurity.news

Lampion Banking Malware Employs ClickFix Lures To Steal Banking Information - Once executed, the malware begins its covert operation to harvest banking credentials, credit card information, and other sensitive financial data from compromised systems. A sophisticated banking trojan known as Lampion has resurfaced with an ...
4 months ago Cybersecuritynews.com

New Android Trojan 'DatzBro' Tricking Users Into Installing Fake Apps To Steal Banking Credentials - A new Android Trojan named 'DatzBro' has been discovered targeting users by tricking them into installing fake applications that steal banking credentials. This malware masquerades as legitimate apps to deceive victims and gain access to sensitive ...
3 days ago Thehackernews.com

Warning: Undefined array key "host" in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 364

Warning: Undefined variable $domain_html in /home/u319666691/domains/cybersecurityboard.com/public_html/_template.php on line 466

CVE-2021-20590 - Improper authentication vulnerability in GOT2000 series GT27 model VNC server versions 01.39.010 and prior, GOT2000 series GT25 model VNC server versions 01.39.010 and prior, GOT2000 series GT21 model GT2107-WTBD VNC server versions 01.40.000 and ...
3 years ago

PixPirate Android malware uses new tactic to hide on phones - The latest version of the PixPirate banking trojan for Android employs a new method to hide on phones while remaining active, even if its dropper app has been removed. PixPirate is a new Android malware first documented by the Cleafy TIR team last ...
1 year ago Bleepingcomputer.com

New Web injections campaign steals banking data from 50,000 people - A new malware campaign that emerged in March 2023 used JavaScript web injections to try to steal the banking data of over 50,000 users of 40 banks in North America, South America, Europe, and Japan. IBM's security team discovered this evasive threat ...
1 year ago Bleepingcomputer.com

FjordPhantom Android malware uses virtualization to evade detection - A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection. The malware was discovered by Promon, whose analysts report that it currently spreads via emails, SMS, and ...
1 year ago Bleepingcomputer.com

New Android Malware 'Salvador Stealer' That Phish & Steals Your Banking Details & OTPs - Cybersecurity researchers have discovered a sophisticated new Android malware called “Salvador Stealer” that targets banking credentials and one-time passwords (OTPs) through an elaborate phishing scheme. Once active, Salvador Stealer ...
6 months ago Cybersecuritynews.com

AutoSpill attack steals credentials from Android password managers - Security researchers developed a new attack, which they named AutoSpill, to steal account credentials on Android during the autofill operation. In a presentation at the Black Hat Europe security conference, researchers from the International ...
1 year ago Bleepingcomputer.com

RBI Has Mandated That All Bank Websites in India migrate to the .bank.in - This landmark cybersecurity initiative aims to create a more secure digital banking ecosystem and combat the rising threat of phishing attacks targeting Indian banking customers. Cybersecurity experts estimate that phishing attacks targeting Indian ...
5 months ago Cybersecuritynews.com

Anatsa Android Banking Malware from Google Play Targeting Users in the U.S. and Canada - ThreatFabric researchers have identified a sophisticated new campaign by the Anatsa banking trojan specifically targeting mobile banking customers across the United States and Canada, marking the malware’s third major offensive against North ...
2 months ago Cybersecuritynews.com

Over 90 malicious Android apps with 5.5M installs found on Google Play - Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity. Anatsa is a banking trojan that targets over 650 ...
1 year ago Bleepingcomputer.com

Android App With 220,000+ Downloads From Google Play Installs Banking Trojan - A sophisticated Android banking trojan campaign leveraging a malicious file manager application accumulated over 220,000 downloads on the Google Play Store before its removal. According to the Zscaler ThreatLabz post shared on X, the malicious app, ...
6 months ago Cybersecuritynews.com

First Ever iOS Trojan Steals Facial Recognition Data - A novel, very sophisticated mobile Trojan dubbed GoldPickaxe. iOS that targets iOS users exclusively was discovered to collect facial recognition data, intercept SMS, and gather identity documents. The Asia-Pacific region includes the majority of ...
1 year ago Gbhackers.com

Android 15, Google Play get new anti-malware and anti-fraud features - Today, Google announced new security features coming to Android 15 and Google Play that will help block scams, fraud, and malware apps on users' devices. Announced at Google I/O 2024, the new features are designed not only to help end users but also ...
1 year ago Bleepingcomputer.com

Sophisticated Web Injection Campaign Targets 50,000 Individuals, Pilfering Banking Data - Web injections, a favoured technique employed by various banking Trojans, have been a persistent threat in the realm of cyberattacks. These malicious injections enable cybercriminals to manipulate data exchanges between users and web browsers, ...
1 year ago Cysecurity.news

Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets - Infostealers infect computers, steal all of the credentials saved in the browser along with active session cookies and other data, then export it back to command and control infrastructure before, in some cases, self-terminating. This article will ...
1 year ago Bleepingcomputer.com