{"id":153513,"date":"2022-12-10T04:53:11","date_gmt":"2022-12-10T04:53:11","guid":{"rendered":"https:\/\/harchi90.com\/researchers-uncover-darknet-service-allowing-hackers-to-trojanize-legit-android-apps\/"},"modified":"2022-12-10T04:53:11","modified_gmt":"2022-12-10T04:53:11","slug":"researchers-uncover-darknet-service-allowing-hackers-to-trojanize-legit-android-apps","status":"publish","type":"post","link":"https:\/\/harchi90.com\/researchers-uncover-darknet-service-allowing-hackers-to-trojanize-legit-android-apps\/","title":{"rendered":"Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps"},"content":{"rendered":"<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">Dec 08, 2022<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">Mobile Security \/ Android Malware<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><\/div>\n<p>Researchers have shed light on a new hybrid malware campaign targeting both Android and Windows operating systems in a bid to expand its pool of victims.<\/p>\n<p>The attacks entail the use of different malware such as ERMAC, Erbium, Aurora, and Laplas, according to a ThreatFabric report shared with The Hacker News.<\/p>\n<p>&#8220;This campaign resulted in thousands of victims,&#8221; \u200b\u200bthe Dutch cybersecurity company said, adding, &#8220;Erbium stealer successfully exfiltrated data from more then 1,300 victims.&#8221;<\/p>\n<div class=\"ad_two clear\"><center class=\"cf\"><img decoding=\"async\" alt=\"CyberSecurity\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/i0.wp.com\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEjRFZ8qsBvgTY-k97x35shkWsLwy9nml2qvGAhoSUrgnOv4cjMNq_Fxt3PX1-fGsYvukFgecZk_tEq7yo25JhDC5-Vs1Y7zQbdJRNWI2oxxbGupTJLIJ0PYz_4_8B6uWYsPON_7MgJlvofZuiWyadFpo71DOfXvGZzq6ie6zFQwJuzi2macqFLGR30PbA\/s1600\/Uptycs-728.jpg?resize=728%2C90&#038;ssl=1\" width=\"728\" height=\"90\" data-recalc-dims=\"1\" \/><\/center><\/div>\n<p>The ERMAC infections commence with a fraudulent website that claims to offer Wi-Fi authorization software for Android and Windows that, when installed, comes with features to steal seed phrases from crypto wallets and other sensitive data.<\/p>\n<div class=\"separator\" style=\"clear: both;\"><img alt=\"Android Malware\" border=\"0\" data-original-height=\"400\" data-original-width=\"728\" src=\"https:\/\/i0.wp.com\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEgSTfxdG6UW18Gfk9YgChncNBVYNpPbjRSbcRuBsEMOCPH3_JeJk2pZ5pmpP9cRzwhzQoOD7hJ08dQydmLTR_tzS_eY1kbtfaDMLForcJqv2f79EuXhO9Pf_4kIc3hjkURIAxh_LT7XA2Frzatb1j3roLmiZQAJhlAXDa8RqmnD6VJ4FDcGDmfJ2s59\/s728-e1000\/androd.png?ssl=1\" title=\"Android Malware\" data-recalc-dims=\"1\"\/><\/div>\n<div class=\"separator\" style=\"clear: both;\"><img alt=\"Android Malware\" border=\"0\" data-original-height=\"401\" data-original-width=\"728\" src=\"https:\/\/i0.wp.com\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEg5MOEZcCN9RTiqwo5u-72W3yNpir77PrteaIqutNfMZhhyssF2KWkahfMNQX5mKSerFZrVaEmFvH1a6tyMgPSewZtPO36nk9kvfmOSOvqGHqatZCB75NI7gmyLlowCs8lKN2b_R4UvtGIgGrBlRyE0Gh--EVX7yeHF8lgqsOtLX5A5EDx-4FKPSoF6\/s728-e1000\/ermac.png?ssl=1\" title=\"Android Malware\" data-recalc-dims=\"1\"\/><\/div>\n<p>ThreatFabric said it also found a number of malicious apps that were trojanized versions of legitimate apps like Instagram, with the operators using them as droppers to deliver the obfuscated malicious payload.<\/p>\n<p>The rogue apps, dubbed Zombinder, are said to have been developed using an APK binding service advertised on the dark web by a well-known threat actor since March 2022.<\/p>\n<p>Such zombie apps have also been used to distribute Android banking trojans like SOVA and Xenomorph targeting customers in Spain, Portugal, and Canada, among others.<\/p>\n<p>Interestingly, the download option for Windows on the booby-trapped website distributing ERMAC is designed to deploy the Erbium and Aurora information stealers on the compromised system.<\/p>\n<p>Erbium, which is a malware-as-a-service (MaaS) licensed for $1,000 per year, not only steals passwords and credit card information, but has also been observed acting as a conduit to drop the Laplas clipper that&#8217;s used to hijack crypto transactions .<\/p>\n<p>&#8220;The presence of such a wide variety of trojans might also indicate that the landing page is used by multiple actors and provided to them as a part of a third-party distribution service,&#8221; the researchers theorized.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Found this article interesting?  Follow us on <a rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">twitter <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  and LinkedIn to read more exclusive content we post.<\/div>\n<\/div>\n<p><script async src=\"\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><script type=\"46b44259f84d56404fae7e73-text\/javascript\">\n\/\/<![CDATA[\nhead.ready(\"jqueryfile\",function(){$(\"a[href^='#link_share']\").each(function(){var e=$(this).attr(\"data-sm\"),t=\"\";\"facebook\"==e&#038;&#038;(t=\"https:\/\/www.facebook.com\/sharer.php?u=\"+share_url),\"twitter\"==e&#038;&#038;(t=\"https:\/\/twitter.com\/intent\/tweet?url=\"+share_url+\"&#038;text=\"+share_title+\"&#038;via=TheHackersNews\"),\"linkedin\"==e&#038;&#038;(t=\"https:\/\/www.linkedin.com\/shareArticle?mini=true&#038;url=\"+share_url),\"reddit\"==e&#038;&#038;(t=\"https:\/\/www.reddit.com\/submit?url=\"+share_url),\"hackernews\"==e&#038;&#038;(t=\"https:\/\/news.ycombinator.com\/submitlink?u=\"+share_url+\"&#038;t=\"+share_title),\"email\"==e&#038;&#038;(t=\"mailto:?&#038;subject=News Article\u2014\"+share_title+\"&#038;body=Check out this article from The Hacker News. n n n\"+share_title+\" \u2014 \"+share_url),\"whatsapp\"==e&#038;&#038;(t=\"https:\/\/api.whatsapp.com\/send?text=\"+share_title+\" \u2014 \"+share_url),\"facebook-m\"==e&#038;&#038;(t=\"fb-messenger:\/\/share\/?link=\"+share_url+\"&#038;app_id=280117418781535\"),\"telegram\"==e&#038;&#038;(t=\"https:\/\/telegram.me\/share\/url?url=\"+share_url+\"&#038;text=\"+share_title),$(this).attr(\"href\",t)}),$(\".show-comments\").on(\"click\",function(){var e=document.createElement(\"script\");e.src=\"https:\/\/connect.facebook.net\/en_US\/sdk.js#xfbml=1&#038;appId=280117418781535&#038;version=v2.12\",document.body.appendChild(e),$(\".sharebelow-comment\").hide(),$(\".comments\").show()});var e=$(\".articlebody\").offset().top,t=!1;$(window).scroll(function(){$(window).scrollTop()>e&&!t&&(jQuery.ajax({url:\"https:\/\/thehackernews.com\/feeds\/posts\/default?alt=json&max-results=4\",type:\"get\",cache:!1,dataType:\"jsonp\",success:function(e){for(var t=\"\",s=\"\",r=0;r<e.feed.entry.length;r++){for(var a,l=0;l<e.feed.entry[r].link.length;l++)if(\"alternate\"==e.feed.entry[r].link[l].rel){t=e.feed.entry[r].link[l].href;break}100<(a=(a=\"content\"in e.feed.entry[r]?e.feed.entry[r].content.$t:\"summary\"in e.feed.entry[r]?e.feed.entry[r].summary.$t:\"\").replace(\/<S[^>]*>\/g,\"\")).length&&(a=a.substring(0,90));var n=(n=e.feed.entry[r].title.$t).substring(0,58),o=(o=e.feed.entry[r].media$thumbnail.url.replace(\/\/s72-c-e100\/,\"\/s260-e100\"));s+='\n\n<article class=\"latest cf\">\n\n<div><img decoding=\"async\" class=\"nolazyload\" src=\"'+o+'\" alt=\"'+n+'\"\/><\/div>\n\n\n\n<div>\n\n<div class=\"latest-h3\">'+n+'...<\/div>\n\n<\/div>\n\n\n\n<div class=\"latest-desc\">'+a+\"...<\/div>\n\n<\/article>\n\n\"}s+=\"\",document.getElementById(\"result\").innerHTML=s}}),t=!0)})});\n\/\/]]>\n<\/script>  .<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue802Dec 08, 2022\ue804Ravie LakshmananMobile Security \/ Android Malware Researchers have shed light on a new hybrid malware campaign targeting both Android and Windows operating systems in a bid to expand its pool of victims. The attacks entail the use of different malware such as ERMAC, Erbium, Aurora, and Laplas, according to a ThreatFabric report shared &hellip;<\/p>\n<p class=\"read-more\"> <a class=\"\" href=\"https:\/\/harchi90.com\/researchers-uncover-darknet-service-allowing-hackers-to-trojanize-legit-android-apps\/\"> <span class=\"screen-reader-text\">Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps<\/span> Read More &raquo;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-global-header-display":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false,"jetpack_publicize_feature_enabled":true},"categories":[4],"tags":[1778,1771,1764,1763,1765,1766,1767,1772,1768,1769,1774,1776,1775,1773,1770,1777],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.10 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps - harchi90<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps - harchi90\" \/>\n<meta property=\"og:description\" content=\"\ue802Dec 08, 2022\ue804Ravie LakshmananMobile Security \/ Android Malware Researchers have shed light on a new hybrid malware campaign targeting both Android and Windows operating systems in a bid to expand its pool of victims. The attacks entail the use of different malware such as ERMAC, Erbium, Aurora, and Laplas, according to a ThreatFabric report shared &hellip; Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps Read More &raquo;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5\" \/>\n<meta property=\"og:site_name\" content=\"harchi90\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-10T04:53:11+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEhOwM4QU1W7ICA931NjHcIeWep_dmFRuPbubiGJogsVwcOGRO8Ndbj61LKAhJzXGYUNKToGXtufxpvNfxFpLAB2bqXCLyRoz7NCzjCvEOw1Ti1PbZS0uG6rjA_IPSJ5tSspXOCZNb09eS_V0UtKSIHG9Ol4jE2erFjOLxFGxJLJNC3cjqi7hLSgmMo5\/s728-e1000\/malware.png\" \/>\n<meta name=\"author\" content=\"islamlacoste58\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEhOwM4QU1W7ICA931NjHcIeWep_dmFRuPbubiGJogsVwcOGRO8Ndbj61LKAhJzXGYUNKToGXtufxpvNfxFpLAB2bqXCLyRoz7NCzjCvEOw1Ti1PbZS0uG6rjA_IPSJ5tSspXOCZNb09eS_V0UtKSIHG9Ol4jE2erFjOLxFGxJLJNC3cjqi7hLSgmMo5\/s728-e1000\/malware.png\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"islamlacoste58\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/harchi90.com\/researchers-uncover-darknet-service-allowing-hackers-to-trojanize-legit-android-apps\/\",\"url\":\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5\",\"name\":\"Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps - harchi90\",\"isPartOf\":{\"@id\":\"https:\/\/harchi90.com\/#website\"},\"datePublished\":\"2022-12-10T04:53:11+00:00\",\"dateModified\":\"2022-12-10T04:53:11+00:00\",\"author\":{\"@id\":\"https:\/\/harchi90.com\/#\/schema\/person\/0689156e87fbe869f0e5efdeef200d5b\"},\"breadcrumb\":{\"@id\":\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/harchi90.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/harchi90.com\/#website\",\"url\":\"https:\/\/harchi90.com\/\",\"name\":\"harchi90\",\"description\":\"Just another WordPress site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/harchi90.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/harchi90.com\/#\/schema\/person\/0689156e87fbe869f0e5efdeef200d5b\",\"name\":\"islamlacoste58\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/harchi90.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5bf7491076e3822b8e0de7b1f9364d75?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5bf7491076e3822b8e0de7b1f9364d75?s=96&d=mm&r=g\",\"caption\":\"islamlacoste58\"},\"sameAs\":[\"http:\/\/harchi90.com\"],\"url\":\"https:\/\/harchi90.com\/author\/islamlacoste58\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps - harchi90","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5","og_locale":"en_US","og_type":"article","og_title":"Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps - harchi90","og_description":"\ue802Dec 08, 2022\ue804Ravie LakshmananMobile Security \/ Android Malware Researchers have shed light on a new hybrid malware campaign targeting both Android and Windows operating systems in a bid to expand its pool of victims. The attacks entail the use of different malware such as ERMAC, Erbium, Aurora, and Laplas, according to a ThreatFabric report shared &hellip; Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps Read More &raquo;","og_url":"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5","og_site_name":"harchi90","article_published_time":"2022-12-10T04:53:11+00:00","og_image":[{"url":"https:\/\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEhOwM4QU1W7ICA931NjHcIeWep_dmFRuPbubiGJogsVwcOGRO8Ndbj61LKAhJzXGYUNKToGXtufxpvNfxFpLAB2bqXCLyRoz7NCzjCvEOw1Ti1PbZS0uG6rjA_IPSJ5tSspXOCZNb09eS_V0UtKSIHG9Ol4jE2erFjOLxFGxJLJNC3cjqi7hLSgmMo5\/s728-e1000\/malware.png"}],"author":"islamlacoste58","twitter_card":"summary_large_image","twitter_image":"https:\/\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEhOwM4QU1W7ICA931NjHcIeWep_dmFRuPbubiGJogsVwcOGRO8Ndbj61LKAhJzXGYUNKToGXtufxpvNfxFpLAB2bqXCLyRoz7NCzjCvEOw1Ti1PbZS0uG6rjA_IPSJ5tSspXOCZNb09eS_V0UtKSIHG9Ol4jE2erFjOLxFGxJLJNC3cjqi7hLSgmMo5\/s728-e1000\/malware.png","twitter_misc":{"Written by":"islamlacoste58","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/harchi90.com\/researchers-uncover-darknet-service-allowing-hackers-to-trojanize-legit-android-apps\/","url":"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5","name":"Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps - harchi90","isPartOf":{"@id":"https:\/\/harchi90.com\/#website"},"datePublished":"2022-12-10T04:53:11+00:00","dateModified":"2022-12-10T04:53:11+00:00","author":{"@id":"https:\/\/harchi90.com\/#\/schema\/person\/0689156e87fbe869f0e5efdeef200d5b"},"breadcrumb":{"@id":"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/news.google.com\/__i\/rss\/rd\/articles\/CBMiSmh0dHBzOi8vdGhlaGFja2VybmV3cy5jb20vMjAyMi8xMi9yZXNlYXJjaGVycy11bmNvdmVyLWRhcmtuZXQtc2VydmljZS5odG1s0gFQaHR0cHM6Ly90aGVoYWNrZXJuZXdzLmNvbS8yMDIyLzEyL3Jlc2VhcmNoZXJzLXVuY292ZXItZGFya25ldC1zZXJ2aWNlLmh0bWw_YW1wPTE?oc=5#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/harchi90.com\/"},{"@type":"ListItem","position":2,"name":"Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps"}]},{"@type":"WebSite","@id":"https:\/\/harchi90.com\/#website","url":"https:\/\/harchi90.com\/","name":"harchi90","description":"Just another WordPress site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/harchi90.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/harchi90.com\/#\/schema\/person\/0689156e87fbe869f0e5efdeef200d5b","name":"islamlacoste58","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/harchi90.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/5bf7491076e3822b8e0de7b1f9364d75?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5bf7491076e3822b8e0de7b1f9364d75?s=96&d=mm&r=g","caption":"islamlacoste58"},"sameAs":["http:\/\/harchi90.com"],"url":"https:\/\/harchi90.com\/author\/islamlacoste58\/"}]}},"jetpack_featured_media_url":"","jetpack-related-posts":[{"id":101906,"url":"https:\/\/harchi90.com\/experts-warn-of-stealthy-powershell-backdoor-disguising-as-windows-update\/","url_meta":{"origin":153513,"position":0},"title":"Experts Warn of Stealthy PowerShell Backdoor Disguising as Windows Update","date":"October 19, 2022","format":false,"excerpt":"Details have emerged about a previously undocumented and fully undetectable (FUD) PowerShell backdoor that gains its stealth by disguising itself as part of a Windows update process. \"The covert self-developed tool and the associated C2 commands seem to be the work of a sophisticated, unknown threat actor who has targeted\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEgvfqow2z1XORevUpzKGWWXZ2DP4dMaNi-7cycpa3J_bSZKv0tO6MP40HLl7lvVJDIswOmb6I-YoNMLJym4v9oLZQczujsMqcttB3M_Cvm6E-zLs0XrpwaTZ_SGFjckDfi3CPfijZaii8Z88_btcKeHKKfxm7cDyF3kaVvsirGpb2JWVH0Ot3xGiC2sZg\/s1600\/strike-728.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":158451,"url":"https:\/\/harchi90.com\/google-launches-osv-scanner-tool-to-identify-open-source-vulnerabilities\/","url_meta":{"origin":153513,"position":1},"title":"Google Launches OSV-Scanner Tool to Identify Open Source Vulnerabilities","date":"December 15, 2022","format":false,"excerpt":"\ue802Dec 13, 2022\ue804Ravie LakshmananOpen Source \/ Vulnerability Database Google on Tuesday announced the open source availability of OSV-Scannera scanner that aims to offer easy access to vulnerability information about various projects. The Go-based tool, powered by the Open Source Vulnerabilities (OSV) database, is designed to connect \"a project's list of\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":100468,"url":"https:\/\/harchi90.com\/researchers-say-microsoft-office-365-uses-broken-email-encryption-to-secure-messages\/","url_meta":{"origin":153513,"position":2},"title":"Researchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages","date":"October 18, 2022","format":false,"excerpt":"New research has disclosed what's being called a security vulnerability in Microsoft 365 that could be exploited to infer message contents due to the use of a broken cryptographic algorithm. \"The [Office 365 Message Encryption] messages are encrypted in insecure Electronic Codebook (ECB) mode of operation,\" Finnish cybersecurity company WithSecure\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEgvfqow2z1XORevUpzKGWWXZ2DP4dMaNi-7cycpa3J_bSZKv0tO6MP40HLl7lvVJDIswOmb6I-YoNMLJym4v9oLZQczujsMqcttB3M_Cvm6E-zLs0XrpwaTZ_SGFjckDfi3CPfijZaii8Z88_btcKeHKKfxm7cDyF3kaVvsirGpb2JWVH0Ot3xGiC2sZg\/s1600\/strike-728.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":107947,"url":"https:\/\/harchi90.com\/22-year-old-vulnerability-reported-in-widely-used-sqlite-database-library\/","url_meta":{"origin":153513,"position":3},"title":"22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library","date":"October 25, 2022","format":false,"excerpt":"A high-severity vulnerability has been disclosed in the SQLite database library, which was introduced as part of a code change dating all the way back to October 2000 and could enable attackers to crash or control programs. Tracked as CVE-2022-35737 (CVSS score: 7.5), the 22-year-old issue affects SQLite versions 1.0.12\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":29447,"url":"https:\/\/harchi90.com\/over-a-dozen-android-apps-on-google-play-store-caught-dropping-banking-malware\/","url_meta":{"origin":153513,"position":4},"title":"Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware","date":"July 29, 2022","format":false,"excerpt":"A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users' devices with banking malware. These 17 dropper apps, collectively dubbed DawDropper by Trend Micro, masqueraded as productivity and utility apps such as document scanners, QR code readers, VPN services, and call recorders, among\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEgvfqow2z1XORevUpzKGWWXZ2DP4dMaNi-7cycpa3J_bSZKv0tO6MP40HLl7lvVJDIswOmb6I-YoNMLJym4v9oLZQczujsMqcttB3M_Cvm6E-zLs0XrpwaTZ_SGFjckDfi3CPfijZaii8Z88_btcKeHKKfxm7cDyF3kaVvsirGpb2JWVH0Ot3xGiC2sZg\/s1600\/strike-728.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":19179,"url":"https:\/\/harchi90.com\/several-new-play-store-apps-spotted-distributing-joker-facestealer-and-coper-malware-the-hacker-news\/","url_meta":{"origin":153513,"position":5},"title":"Several New Play Store Apps Spotted Distributing Joker, Facestealer and Coper Malware \u2014 The Hacker News","date":"July 19, 2022","format":false,"excerpt":"Google has taken steps to ax dozens of fraudulent apps from the official Play Store that were spotted propagating Joker, Facestealer, and Coper malware families through the virtual marketplace. While the Android storefront is considered to be a trusted source for discovering and installing apps, bad actors have repeatedly found\u2026","rel":"","context":"In &quot;Technology&quot;","img":{"alt_text":"","src":"https:\/\/i0.wp.com\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEgvfqow2z1XORevUpzKGWWXZ2DP4dMaNi-7cycpa3J_bSZKv0tO6MP40HLl7lvVJDIswOmb6I-YoNMLJym4v9oLZQczujsMqcttB3M_Cvm6E-zLs0XrpwaTZ_SGFjckDfi3CPfijZaii8Z88_btcKeHKKfxm7cDyF3kaVvsirGpb2JWVH0Ot3xGiC2sZg\/s1600\/strike-728.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"fifu_image_url":"https:\/\/thehackernews.com\/new-images\/img\/b\/R29vZ2xl\/AVvXsEhOwM4QU1W7ICA931NjHcIeWep_dmFRuPbubiGJogsVwcOGRO8Ndbj61LKAhJzXGYUNKToGXtufxpvNfxFpLAB2bqXCLyRoz7NCzjCvEOw1Ti1PbZS0uG6rjA_IPSJ5tSspXOCZNb09eS_V0UtKSIHG9Ol4jE2erFjOLxFGxJLJNC3cjqi7hLSgmMo5\/s728-e1000\/malware.png","_links":{"self":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/153513"}],"collection":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/comments?post=153513"}],"version-history":[{"count":0,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/posts\/153513\/revisions"}],"wp:attachment":[{"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/media?parent=153513"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/categories?post=153513"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/harchi90.com\/wp-json\/wp\/v2\/tags?post=153513"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}