Cyble Chronicles – May 17th: Latest Findings & Recommendations for the Cybersecurity Community

New Antidot Android Banking Trojan Masquerading as Fake Google Play Updates

A new Android Banking Trojan, dubbed "Antidot," is posing as a Google Play update app to target Android users globally. It uses deceptive tactics, including displaying fake update pages in multiple languages, and employs VNC and overlay techniques to steal credentials and sensitive information. Antidot maintains communication with its Command-and-Control server through WebSocket, allowing for real-time interaction to execute various commands, including collecting SMS messages, initiating USSD requests, and remotely controlling device features such as the camera and screen lock.?

Read Cyble Research and Intelligence Lab’s full analysis of this potent threat here .

?

The Overlapping Cyber Strategies of Transparent Tribe and SideCopy Against India

?

Recently, Cyble uncovered a malicious website linked to SideCopy, indicating a sophisticated effort. SideCopy, active since 2019, targets South Asian nations, particularly India, with a focus on university students. Their infection vector involves spam emails leading to a malicious website hosting malware archive, ultimately deploying RAT payloads like Reverse RAT and Action RAT to connect to Command-and-Control servers. This overlap in targeting suggests a potential collaboration between Transparent Tribe and SideCopy in targeting universities.

Read Cyble Research and Intelligence Lab’s full analysis of this campaign here .?

Cyble Sweeps the Global Infosec Awards 2024 with 9 Category wins

?

Cyber Defense Magazine ’s 2024 Global Infosec Awards saw Cyble securing the gold in 9 key categories! These awards were presented during the RSA conference, where key leaders from across the industry engaged with our Leadership team to discuss emerging trends and threats and how Cyble’s solutions can help combat them. This notable recognition strengthens our resolve to continue empowering organizations with the solutions they need to defend their assets, reputation, and clients from even the most potent cyber threats!

?

Cyble Secures the “Best Threat Intelligence Solution” award at the CSTI Summit 2024

Cyble recently participated in the 4th Annual Cybersecurity and Threat Intelligence Summit & Awards 2024 on May 14th-15th in Kuala Lumpur, where Salleh Kodri, Regional Sales Manager SE at Cyble, hosted a discussion on the key cybersecurity events, trends, and threats emerging in the APAC region. We’re proud to announce that Cyble was awarded the Best Threat Intelligence Solution at this event, adding to our list of accolades for excellence in the field of cyber threat intelligence. A big thank you to all participants and our followers for this major milestone!