FlagThis

A threat actor has successfully targeted low-skilled hackers, often referred to as ‘script kiddies,’ by distributing a fake malware builder. The builder is not what they expected, instead it secretly infects the user’s systems with a backdoor. This sophisticated method allowed the attacker to compromise over 18,000 devices, highlighting a serious issue in the threat landscape. This indicates that even low skilled attackers can be targets and may unknowingly become victims.

DroidBot, a novel Android RAT, targets 77 banks, cryptocurrency exchanges, and national organizations. It combines VNC and overlay attacks with keylogging and UI monitoring. Campaigns have been detected in Europe and potentially spreading to Latin America, highlighting the threat of advanced Android malware targeting financial institutions. DroidBot’s sophistication and wide reach make it a significant concern.