Instead of using fixed screen coordinates or simple automation rules, PromptSpy sends Gemini a natural-language request along with an XML snapshot of the current screen. This snapshot includes details about visible elements such as text, type, and screen position.

Gemini analyzes the screen content and responds with JSON instructions telling the malware what action to perform — such as tap, long-press, or swipe — and exactly where to do it.

The main goal is persistence. PromptSpy uses this AI-driven method to keep its malicious app pinned in the Recent Apps list, even when the user tries to close it.

The malware runs in a loop. It executes Gemini’s instructions using Android’s Accessibility Service, captures the updated screen, and sends it back to Gemini. This continues until the AI confirms the app is successfully pinned. Because it relies on AI analysis instead of hardcoded rules, it works across different devices, Android versions, and manufacturer customizations.

Security researchers at ESET describe PromptSpy as the first known Android malware to directly integrate generative AI into its execution flow. The focus is stealthy persistence and maintaining control over the device.

Android AI Malware Capabilities

Beyond AI-based persistence, PromptSpy also acts as a powerful remote access tool.

It includes a built-in VNC component that allows attackers to control the infected phone in real time. Once the victim grants Accessibility permissions, attackers can:

• View the device screen live
• Simulate taps and gestures
• Perform actions as if physically holding the phone

The malware can capture lockscreen credentials, gather device information, take screenshots, record screen activity as video, and monitor which app is currently in use.

It communicates with a hardcoded command-and-control server using the VNC protocol, protected by AES encryption. The server can also send a Gemini API key and additional task instructions to the malware.

PromptSpy also actively blocks removal attempts. It abuses Accessibility permissions to place invisible overlays on important system buttons, including those used to uninstall the app or disable its privileges.

These transparent overlays intercept user taps on “Uninstall” or “Stop,” preventing normal removal.

Technical analysis shows that PromptSpy is delivered through a dropper app. The malicious payload (app-release.apk) is embedded inside the dropper’s assets directory.

Campaign Spread and Target Regions

ESET connects PromptSpy to a multi-stage, financially driven campaign mainly targeting users in Argentina.

An earlier variant, VNCSpy, was uploaded from Hong Kong in January 2026. More advanced PromptSpy samples appeared from Argentina in February 2026.

The malware spread through domains such as mgardownload[.]com and m-mgarg[.]com, which imitated JPMorgan Chase branding under the name “MorganArg” using Spanish banking lures.

Analysis of the same infrastructure revealed another Android phishing trojan signed with the same certificate and using the same fake banking site, likely acting as the initial infection stage before deploying PromptSpy.

Although PromptSpy has not appeared widely in ESET telemetry and may still be in limited testing, the active domains confirm some real-world use.

Code findings, including simplified Chinese debug strings and references to Chinese Accessibility events, suggest development in a Chinese-speaking environment, even though current targets are in Latin America.

PromptSpy is not available on Google Play, and Google Play Protect now detects known variants.

This campaign follows ESET’s 2025 discovery of PromptLock, an AI-powered ransomware prototype, highlighting the growing use of generative AI in malware operations.

IOCs

‍Follow Us on: Linkedin, Instagram, Facebook to get the latest security news!

The post PromptSpy: Android Malware Uses Google Gemini AI appeared first on First Hackers News.

Reports suggest the problem is widespread and impacts devices using the Android Accessibility Suite.

What’s Going Wrong

When Select to Speak is turned on, Android reroutes the function of the physical volume buttons. Instead of controlling media volume or acting as a camera shutter, the buttons only adjust accessibility audio levels.

This means:

• Media playback volume cannot be changed using hardware keys
• Volume buttons no longer work for taking photos in the camera app
• Core hardware controls behave in unexpected ways

For many users, this disrupts common workflows like quickly snapping photos or managing audio during calls, videos, or music playback.

Who Is Affected and Why It Matters

Select to Speak is designed to help users with visual or reading difficulties by reading on-screen text aloud, even while other apps run in the background. However, the way it intercepts hardware button events appears to conflict with Android’s system-level volume handling.

This creates a difficult situation for users who:

• Depend on accessibility features daily
• Also rely on hardware buttons for fast and reliable control

In effect, users are forced to choose between accessibility support and basic device usability.

Google’s Android Community Team has acknowledged the issue through official support channels and confirmed that engineers are working on a fix.

Temporary Workaround

Until a permanent update is released, users can restore normal volume button behavior by:

1. Opening Settings
2. Going to Accessibility
3. Selecting Select to Speak
4. Turning the feature off

While this restores standard volume and camera functionality, it disables Select to Speak entirely.

Google is expected to release a patch that resolves how accessibility services interact with hardware controls. The fix will likely refine how key events are handled so accessibility features don’t override essential system functions.

This issue also highlights a broader challenge in Android development: ensuring accessibility improvements enhance usability without breaking core device behavior.

The post Android Volume Button Bug Tied to Select to Speak Feature appeared first on First Hackers News.

Triada is still one of the most common Android threats. Data from Q3 2025 shows it accounts for nearly 16% of all detected Android malware — proving it’s far from fading.

Adex’s investigation revealed that the Triada group spent the last five years trying to slip into legitimate ad networks. Instead of using typical malware delivery methods, the attackers went after trusted systems and platforms. They hijacked advertiser accounts, uploaded malicious APKs to places like GitHub and Discord CDNs, and used hidden redirects to avoid detection.

How the attackers operated

The campaign evolved in three major stages:

2020–2021:
Attackers created fake advertiser accounts using poorly forged IDs and ran ads pointing to malware hosted on Discord CDNs and short links. Their landing pages imitated real service websites to look legitimate.

2022–2024:
The strategy shifted to taking over real advertiser accounts that did not have two-factor authentication enabled. Once inside, the attackers launched hidden ad campaigns that redirected users to malicious files hosted on trusted sources like GitHub.

2025:
The latest wave became even more advanced. Hackers used phishing pages pretending to be urgent Chrome updates and layered multiple redirects to hide the final malicious download. VirusTotal logs linked suspicious account activity to Turkey and India, pointing to a coordinated operation. In total, Adex discovered and banned more than 500 accounts tied to the scheme.

The case shows that even reputable domains and platforms can be misused for malware delivery. A clean domain no longer guarantees clean behavior.

How Adex responded

To protect ad networks moving forward, Adex and PropellerAds rolled out stronger security measures. These include stricter KYC checks through Sumsub, mandatory 2FA for all advertiser accounts, login monitoring to catch anomalies, and full verification of redirects and domains — even when campaigns use well-known services like GitHub or Discord.

These steps have made it much harder for attackers to exploit ad infrastructure and helped secure the ecosystem against similar threats in the future.

The post Android Users Hit as Hackers Push Triada via Ad Networks appeared first on First Hackers News.

All about Albiriox malware

The malware first showed up in private forums in September 2025 and later became available to more buyers in October. The operation is linked to Russian-speaking threat actors who market the tool to cybercriminals. The subscription costs about $650 per month and gives access to the full set of features.

Albiriox is more advanced than normal credential stealers. It includes a VNC module that streams the victim’s screen in real time. Attackers can see everything happening on the device and control it as if they were holding the phone.

This real-time access lets them perform banking fraud directly on the device without the user noticing. Because the actions happen on the real device, the malware can bypass device fingerprinting and defeat two-factor authentication.

Two-Stage Infection Chain

Albiriox spreads through a simple but effective two-step method designed to avoid detection. Early attacks focused on users in Austria by using a fake version of the popular Penny Market app.

The infection process works like this:

Victims receive an SMS with a shortened link offering prizes or discounts. The link leads to a fake Google Play Store page.
The user then downloads a dropper app, such as the fake Penny app.
After installation, the dropper asks for “Install Unknown Apps” permission and then downloads the real Albiriox malware from a command-and-control server.

Recent campaigns also use WhatsApp messages. Users are asked to enter their phone number to get the download link. This helps attackers target specific regions, such as Austria.

Albiriox is built for stealth and full control. It uses a service called Golden Crypt to stay hidden from antivirus tools. Once running, it abuses Accessibility Services to perform overlay attacks and record keystrokes.

The malware includes a hardcoded list of more than 400 apps. These apps include major banking apps, crypto wallets, and global payment services.

Feature: Android banking trojan / Remote Access Trojan
Model: Sold as Malware-as-a-Service
Main Methods: On-device fraud, overlay attacks, VNC screen streaming
Target Range: 400+ banking and crypto apps
Evasion: Golden Crypt obfuscation, JSONPacker, two-stage dropper
C2 Communication: Unencrypted TCP with JSON commands

Albiriox is evolving quickly and is becoming a strong tool for financial fraud. Its mix of screen streaming and accessibility abuse allows attackers to operate in the background without the user noticing, making it a major threat to Android users and financial institutions.

IOCs

‍Follow Us on: Linkedin, Instagram, Facebook to get the latest security news!

The post Android Users Hit by New Albiriox Malware appeared first on First Hackers News.

All about the malware-Herodotus

Found alongside Hook and Octo during routine monitoring, the samples more closely resemble Brokewell but include original code for advanced evasion. Active campaigns target users in Italy and Brazil, and the malware is being sold as Malware-as-a-Service by a threat actor named K1R0.

ThreatFabric found Herodotus follows modern banking-trojan trends but adds human-like remote-control input to evade behavioral biometric detection.

Herodotus begins with side-loading often delivered through SMiShing links that lure victims to malicious downloads. A custom dropper circumvents Android 13+ Accessibility Service restrictions by auto-installing the payload, opening the Accessibility settings and displaying a convincing loading overlay that hides the prompts used to grant powerful permissions.

After activation the trojan fingerprints the device by collecting the installed apps and sends that inventory to its command-and-control server, which returns a tailored list of high-value targets and overlay URLs.

The malware then injects realistic-looking fake login screens over legitimate banking apps and intercepts incoming SMS messages so it can harvest credentials and one-time codes in real time.

Where Herodotus stands out is in how it performs input during remote takeover. Instead of pasting whole strings via ACTION_SET_TEXT or the clipboard, which creates instant, machine-like input patterns, it breaks operator-supplied text into single characters and inserts them at randomized intervals.

This per-character, delayed typing produces timing and rhythm very similar to human typing, reducing anomaly signals and making behavioral anti-fraud systems less likely to flag the session as automated.

Herodotus inserts 300–3000 ms delays between keystrokes to mimic human typing and try to fool basic behavioral detectors, though advanced profiling systems can still spot anomalies. Operators enable it with a “Delayed text” checkbox in the control panel.

Indicators of Compromise

Sample

The post Herodotus mimics humans to bypass biometrics appeared first on First Hackers News.

This advanced version of the DCHSpy Android surveillance tool, deployed just a week after the escalation in the Israel-Iran conflict, marks a major leap in mobile surveillance technology. It focuses on stealing sensitive communications data, taking advantage of the current geopolitical unrest to trick victims into falling prey to the attack.

The DCHSpy Malware: A Tool of MuddyWater’s Global Cyber Espionage Campaign

The DCHSpy malware family has been linked to MuddyWater, an Advanced Persistent Threat (APT) group with suspected ties to Iran’s Ministry of Intelligence and Security (MOIS). This cyber espionage group has a long history of targeting a wide array of government and private organizations, including those in telecommunications, defense, oil, and local government sectors, across the Middle East, Asia, Africa, Europe, and North America.

The timing of the latest DCHSpy samples is particularly noteworthy, appearing around a week after Israel’s first strikes on Iranian nuclear facilities.

The malware showcases ongoing development and increased sophistication, reflecting continued investment by state-sponsored actors in mobile surveillance technologies.

Technical analysis has revealed that DCHSpy shares infrastructure with another Android malware, SandStrike, which was previously used to target Baháʼí practitioners. Researchers also found that hardcoded command and control (C2) IP addresses were reused across different malware families, establishing clear connections between various campaigns.

DCHSpy: A Sophisticated Modular Surveillanceware with Advanced Exfiltration Capabilities

DCHSpy operates as a highly modular surveillanceware platform with extensive data collection features. The malware systematically harvests sensitive data from infected devices, including:

• User accounts logged into various apps
• Contacts, SMS messages, and local files
• Precise location data and complete call logs
• Audio recordings by taking control of device microphones
• Photos through manipulation of device cameras

The latest variants have notably enhanced capabilities for extracting WhatsApp data, marking a significant advancement over previous versions.

Once the data is collected, it is compressed and encrypted using passwords received from Command and Control (C2) servers. The encrypted payload is then securely transmitted to Secure File Transfer Protocol (SFTP) servers, ensuring stealthy and effective exfiltration while evading detection.

Analyzed samples, such as one with the SHA1 hash 9dec46d71289710cd09582d84017718e0547f438, were found to be distributed under seemingly legitimate names, such as starlink_vpn(1.3.0)-3012 (1).apk, which highlights the sophisticated naming conventions used to mask its true intent.

MuddyWater, the APT group behind DCHSpy, employs social engineering tactics, capitalizing on timely political events and critical services to lure victims. The group typically distributes these malicious applications via Telegram channels, masquerading as legitimate VPN services like EarthVPN and ComodoVPN.

The distribution pages for DCHSpy are carefully crafted to appeal to both English and Farsi-speaking audiences who hold views opposing the Iranian regime. These pages use targeted language and themes designed to attract individuals in politically sensitive environments.

The integration of StarLink-themed lures is particularly significant, appearing to coincide with reports of StarLink providing internet services to Iranian citizens during government-imposed internet outages following the escalation of hostilities between Israel and Iran. This strategic timing showcases how threat actors take advantage of humanitarian crises and the need for internet connectivity to distribute malicious surveillance tools.

By exploiting these circumstances, DCHSpy targets activists and journalists operating in highly restrictive environments, using their vulnerability to deliver tools designed to monitor and suppress their activities. This highlights the increasing sophistication of cyber espionage tactics that manipulate geopolitical and social crises to achieve surveillance objectives.

The post New DCHSpy Malware Targets Android: Steals WhatsApp Data, Call Logs, and More appeared first on First Hackers News.

How the Spyware Works

The spyware, which TechCrunch chose not to name, exploits Android’s overlay permission to hijack the uninstall process. When a victim attempts to remove the app, a password prompt appears, blocking uninstallation unless the correct password—set by the installer—is entered.

Disguised under a generic name like “System Settings”, with an Android-default icon, the app hides from the home screen while secretly collecting and transmitting messages, photos, and real-time locations to an online dashboard controlled by the attacker.

This spyware falls into the growing category of consumer-grade surveillance tools, known as “stalkerware” or “spouseware.”

Although marketed for monitoring children or employees, these apps are often misused for spying on individuals without consent, which is both invasive and illegal.

They are usually downloaded from unofficial sources and require physical access to the victim’s phone and their passcode. Once installed, they exploit Android features like device admin privileges to stay hidden and prevent removal.

Removing the Spyware

Here’s how to remove the spyware:

1. Reboot to Safe Mode: Hold down the power button, then press and hold the “Power Off” option. Confirm the “Reboot to Safe Mode” prompt.
2. Identify Suspicious Apps: In safe mode, check the “Device Admin” apps in the settings and disable any unrecognized apps.
3. Uninstall the Spyware: Go to the “Apps” settings, locate the spyware, and select “Uninstall.” Confirm the action.

After removing the app, restart the phone to exit safe mode and secure your device with a stronger passcode to prevent future unauthorized access.

To protect your device, avoid downloading apps from untrusted sources and closely monitor app permissions. If you suspect spyware, consult specialized guides or report the incident to authorities if malicious intent is evident.

This incident highlights the growing sophistication of spyware apps and serves as a reminder for Android users to stay informed and proactive about securing their devices and data.

The post New spyware tricks Android users for passwords appeared first on First Hackers News.

Trinda Malware

The malware, found in over 2,600 cases globally (mostly in Russia), embeds itself in the system framework, giving attackers full control over the device.

Its capabilities include stealing account info from apps like Telegram and TikTok, intercepting SMS, altering cryptocurrency wallet addresses, monitoring browsing activity, redirecting links, and rerouting phone calls to attackers.

Kaspersky Lab has uncovered a new version of the Triada Trojan that affects Android devices. This variant is pre-installed in counterfeit smartphones, often sold at lower prices through unauthorized online stores.

The malware has been found in over 2,600 cases globally, with most reports coming from Russia. Once installed, it embeds itself deeply in the device’s system framework, allowing attackers full control over the device.

Key risks posed by the malware include:

• Stealing user accounts from messaging apps like Telegram and TikTok
• Intercepting and altering SMS messages
• Replacing cryptocurrency wallet addresses to redirect funds
• Monitoring browsing activity and redirecting links
• Replacing phone numbers during calls, rerouting communications to attackers

Users are advised to be cautious when purchasing smartphones from unauthorized sources to avoid falling victim to this Trojan.

The post Trinda Malware: Android Attack Replaces Call Numbers appeared first on First Hackers News.

All about Android Zygote Flaw

The Zygote process is a core part of Android, responsible for launching new apps and system processes. Running with system privileges, it’s a prime target for attackers aiming for elevated access.

The vulnerability stems from how the System Server handles the hidden_api_blacklist_exemptions setting, which lets some apps bypass Android’s hidden API restrictions.

The issue occurs because the System Server doesn’t properly escape newlines in this setting when passing it to Zygote, allowing attackers to inject arbitrary commands into the Zygote process.

Mitigation Steps

To mitigate the risks, users can restore normal Zygote behavior by deleting the modified hidden_api_blacklist_exemptions setting through ADB Shell and rebooting the device. However, this will also remove any injected payloads, requiring attackers to repeat the exploitation process to regain elevated access.

This discovery highlights the importance of securing Android’s core processes and the need for quick patches to prevent such exploits.

The post Android Zygote Flaw Enables Code Execution and Privilege Escalation appeared first on First Hackers News.

Cellebrite Zero-Day Exploit

The attack on December 25, 2024, used vulnerabilities in Linux kernel USB drivers to bypass lock-screen protections on a Samsung Galaxy A32.

Forensic analysis showed the exploit used outdated USB driver flaws to gain root access, extract data, and try to install surveillance tools. This highlights the misuse of digital forensics tools against civil society and gaps in Android’s protection against physical access attacks.

The attack used emulated USB devices to exploit memory corruption flaws in the Linux kernel. Forensic logs show authorities connected malicious devices via Cellebrite’s Turbo Link adapter, including:

• A Chicony CNF7129 webcam (CVE-2024-53104) targeting a USB Video Class driver flaw.
• A Creative Extigy SoundBlaster (CVE-2024-53197) causing descriptor corruption during setup.
• An Anton Touch Pad (CVE-2024-50302) leaking kernel memory through HID reports.

These vulnerabilities, from code dating back to 2010-2013, were patched in Linux 6.6+ and the February 2025 Android Security Bulletin.

Attackers combined the flaws to escalate privileges, with kernel logs showing root access 10 seconds after the final USB HID device connection.

The victim, a 23-year-old student named “Vedran,” was detained during December 2024 protests in Serbia. Device logs support his account:

Post-exploitation activity included using find/grep for file enumeration and deploying Cellebrite’s “falcon” binary for data extraction. Although the target APK failed to install due to a biometric lock, the breach exposed call logs, messages, and protest details.

Google’s Threat Analysis Group worked with Amnesty to analyze the exploits, leading to patches for three CVEs. However, as of March 2025, over 40% of Android devices remain unpatched due to fragmented vendor updates.

Cellebrite suspended its Serbian clients on February 25, 2025, stating: “We found it appropriate to stop use of our products… Our compliance program ensures ethical, lawful use.” Critics argue this lacks transparency, as Cellebrite did not disclose the suspension duration or human rights safeguards. The company’s Premium UFED toolkit is still active in 78 countries despite abuse in 12 since 2022.

The post Android Phones Unlocked via Cellebrite Zero-Day Exploit appeared first on First Hackers News.