Popular Android malware seen in 2022

January

-bianLian
981c18b7fe8f0e47a5e5f1e67b8a66a2
924f353957c8c786a2eeb6422a1bbe3b

-brata
2dfdce36a367b89b0de1a2ffc1052e24
220ec1e3effb6f4a4a3acb6b3b3d2e90
e664bd7951d45d0a33529913cfbcbac0

-capraRAT
aefaf256916cb229c42ffeb1bca18c39
9452673652cee123f62a87f12e2894df

-darkHerring
21392ae9e06b4541421e10a871c140a3
e92dc4eb0bb3894fdf13035b368dbbe8

-tianySpy
0ae4b1fae2c902c7146ee664ba5788d8
924a8b1d7396a7e21e026b4424fcd080
cf8e1c24065c6af0d2c64c8e454dc808

-fluBotTeaBot
125a0b5013e3ef4b6a4af2d184b68a0b
6be155472cedc94d834a220b6217c029

-facestealer
0ed449f32ab9f2c8cd68f8c9d5550e1b
38a72e3b36c4b44bf22c0ce78ec668d1

Noteworthy blogs:
https://github.com/FrenchYeti/interruptor
https://news.drweb.com/show/review/?i=14395&lng=en
https://www.f5.com/labs/articles/threat-intelligence/flubots-authors-employ-creative-and-sophisticated-techniques-to-achieve-their-goals-in-version-50-and-beyond
https://www.purpl3f0xsecur1ty.tech/2022/01/10/eblagh-re.html

February

-bankerDropper
0d00206b8e9814ec56c8ed8cff4de107

-flubotMedusa
42331cf55ee2174ac0d137d27633f7ea
fc56d0d18e90530c2416684852e6a552

-roamingMantis
19c4be7d5d8bf759771f35dec45f267a
527b5eebb6dbd3d0b777c714e707659c

-smsPva
92a54e1eccfa67a91dbd62537a085813
aee899cc8f49c50cf1478ad8c8298ebb

-xenomorph
e39505e65aec6835f680c902e1c8f7d8

-joker
7b31ed2c2245c0dcf71357eed448e7a3
6e05b674fb8725a4f1faae9d39be1b94

Notable Blogs:
https://securelist.com/mobile-malware-evolution-2021/105876/
https://medium.com/@Za_Raczke/how-android-updates-work-a-peek-behind-the-curtains-from-an-insider-1d8e1a48ec0b
https://securitycafe.ro/2022/02/01/root-detection-and-ssl-pinning-bypass/
https://nex.sx/tech/2022/01/28/a-primer-on-android-forensics.html
https://nex.sx/tech/2022/02/04/diving-deeper-in-android-system-diagnostics.html
https://sensepost.com/blog/2022/sim-hijacking/
https://github.com/andpalmier/apkingo
https://infosecwriteups.com/intercepting-android-emulator-ssl-traffic-with-burp-using-magisk-bc948dca68f9

September

-fakeEShop
b91d45e2b33d0446d814bc86d1477d28
2c428b6e60950590b18f6c761e144423

-zanubis
916c7b0264d6120982665ec43461f326
4910e49a3c270289abeec6e7a40ce552
04b233d9742a2e5e2b93092fb4ed635e

-sharkbot
9fa1e4b615d69f04da261267331a202b
302af56b5507e291e58c540df217a3b5

-spyUyghur
a38e8d70855412b7ece6de603b35ad63

-infoStealer
9c71f5ad54bc05c6253c23596893f587
b301c4b060dadf887e53d671aa6a7aff
6903e41347af87f4c4865c90f2217ea8

-scylla
fa7af170b571f1666b8b736a765d4b23
97a7babf06dd0188848a504b1551232f
a98263d9e3fe4afeb8a427efbca119c3

-scarletMimic
a4f09ccb185d73df1dec4a0b16bf6e2c
b5fb0fb9488e1b8aa032d7788282005f
a38e8d70855412b7ece6de603b35ad63
f10c5efe7eea3c5b7ebb7f3bf7624073

-harly
2cc9ab72f12baa8c0876c1bd6f8455e7

Noteworthy Blogs:
-https://www.mandiant.com/media/17826
-https://muha2xmad.github.io/malware-analysis/sova/
-https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-2/
-https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet
-https://medium.com/androiddevelopers/the-deep-links-crash-course-part-1-introduction-to-deep-links-2189e509e269