Threat Category: Mobile threats | Page 2

Kaspersky’s GReAT looks back on the 2024 predictions about financial and crimeware threats, and explores potential cybercrime trends for 2025.

Kaspersky experts have discovered a new version of the Necro Trojan, which has attacked tens of thousands of Android devices through Google Play and Spotify and WhatsApp mods.

The report gives statistics on mobile malware and unwanted software for Q2 2024, including mobile banking Trojans and ransomware.

Previously unknown spyware LianSpy targets Android devices by exploiting root privileges to steal data and leveraging Yandex Disk cloud service as C2.

Mandrake spyware threat actors resume attacks with new functionality targeting Android devices while being publicly available on Google Play.

Mobile malware statistics for Q1 2024: most common threats for Android, mobile banking Trojans, and ransomware Trojans.

In this report, we review the most significant malware-related events of Q1 2024: the disclosure of the hardware vulnerability used in Operation Triangulation, a lightweight method to detect iOS malware and DinodasRAT Linux implant.

In this report, we share our insights into the 2023 trends and statistics on financial threats, such as phishing, PC and mobile banking malware.

We review the new mobile Trojan banker SoumniBot, which exploits bugs in the Android manifest parser to dodge analysis and detection.

In this report, we share our latest Android malware findings: the Tambir spyware, Dwphon downloader and Gigabud banking Trojan.

In this report, Kaspersky shares statistics on stalkerware detections, as well as insights into the impact of digital stalking in 2023 and the beginning of 2024, and advice for those affected.

This report details statistics and key trends associated with mobile malware: Google Play Trojans, malicious messaging app mods, and others.

Analyzing Shutdown.log file as a lightweight method to detect indicators of infection with sophisticated iOS malware such as Pegasus, Reign and Predator.

Mobile threat statistics for Q3 2023 include data on malware, adware, banking Trojans and ransomware for Android devices.

Attacks on a critical infrastructure target in South Africa, supply-chain attack on Linux machines, Telegram doppelganger used to target people in China.

Reports

Kaspersky researchers analyze updated CoolClient backdoor and new tools and scripts used in HoneyMyte (aka Mustang Panda or Bronze President) APT campaigns, including three variants of a browser data stealer.

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Kaspersky GReAT experts analyze the Evasive Panda APT’s infection chain, including shellcode encrypted with DPAPI and RC5, as well as the MgBot implant.

Kaspersky expert describes new malicious tools employed by the Cloud Atlas APT, including implants of their signature backdoors VBShower, VBCloud, PowerShower, and CloudAtlas.

Mobile threats

Сrimeware and financial cyberthreats in 2025

How the Necro Trojan infiltrated Google Play, again

IT threat evolution in Q2 2024. Mobile statistics

LianSpy: new Android spyware targeting Russian users

Mandrake spyware sneaks onto Google Play again, flying under the radar for two years

IT threat evolution in Q1 2024. Mobile statistics

IT threat evolution Q1 2024

Financial cyberthreats in 2023

SoumniBot: the new Android banker’s unique techniques

Android malware, Android malware and more Android malware

The State of Stalkerware in 2023–2024

The mobile malware threat landscape in 2023

A lightweight method to detect potential iOS malware

IT threat evolution in Q3 2023. Mobile statistics

IT threat evolution Q3 2023

Reports

HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Evasive Panda APT poisons DNS requests to deliver MgBot

Cloud Atlas activity in the first half of 2025: what changed

Subscribe to our weekly e-mails