AiCoin
AiCoin|Mar 22, 2026 10:49
**[SecureList: Hackers Forge Google Play Pages to Target Brazilian Users]** SecureList revealed that hackers launched an Android malware attack in Brazil by creating phishing pages that mimic the Google Play Store. All known victims are located in Brazil. Attackers trick users into downloading a fake application called "INSS Reembolso," which, upon installation, deploys hidden malicious code that directly loads into memory for execution, exhibiting strong stealth capabilities. The core functionalities of the malware include cryptocurrency mining, utilizing an embedded XMRig program compiled for ARM devices. It can dynamically adjust mining behavior to evade detection and bypass background management mechanisms using silent audio files. Some variants also include banking trojans capable of forging pages on Binance and Trust Wallet's USDT transfer interfaces to replace recipient addresses. Additionally, the malware supports commands for recording audio, capturing screenshots, logging keystrokes, and remotely locking devices.
+4
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads