Android Security

SparkKitty Malware: Stealing Photos from iOS and Android Users

Posted: July 09, 2025

Categories: Malware Alerts, Data Breach, Android Security

Tags: trojan malware, sparkkitty malware, southeast asia cybercrime, photo theft malware, mobile malware campaign, ios and android security, enterprise provisioning profiles, cybersecurity threats, cryptocurrency wallet security, app store infiltration

Author: Npav Lab

Learn about SparkKitty, a sophisticated Trojan malware targeting iOS and Android devices to steal personal photos. Discover its distribution methods and the risks it poses, particularly in Southeast Asia and China.

Critical Vulnerability in Xiaomi’s Interoperability App Exposes Users to Unauthorized Access

Posted: June 30, 2025

Categories: Android Security, vulnerability

Tags: xiaomi interoperability app, unauthorized access, software update, security vulnerability, cvss score, cve-2024-45347, bug bounty program

Author: Npav Lab

A critical vulnerability in Xiaomi’s interoperability app (CVE-2024-45347) exposes millions of users to unauthorized access. Learn about the flaw, affected versions, and the importance of updating your software.

Beware of Wedding Invitation Scams: SpyMax RAT Targeting Android Devices

Posted: June 26, 2025

Categories: Malware Alerts, Android Security, RAT

Tags: whatsapp, wedding invitation scam, telegram, spymax rat, remote access trojan, mobile malware, digital security, data exfiltration, cybersecurity, android phishing campaign

Author: Npav Lab

A new phishing campaign in India exploits wedding invitations to distribute SpyMax RAT malware on Android devices. Learn how to recognize and protect yourself from this sophisticated cyber threat.

SparkKitty Spyware Targets iOS and Android Devices via App Stores

Posted: June 23, 2025

Categories: Cyber Attack, Data Breach, Android Security, Spyware

Tags: sparkkitty spyware, photo theft, mobile security threats, ios malware, google play store, cybersecurity, cryptocurrency theft, command and control servers, app store, android malware

Author: Npav Lab

Discover the SparkKitty spyware campaign targeting iOS and Android devices through official app stores. Learn about its sophisticated techniques, objectives, and the risks it poses to mobile users.

FBI Issues Urgent Warning: Rising DMV Text Scam Threat Targets iPhone and Android Users

Posted: June 20, 2025

Categories: Android Security, Hacking

Tags: unsolicited text messages, scam prevention tips, phishing scams, personal data theft, malware installation, iphone android users, fbi warning, dmv text scam, cyber threats

Author: Npav Lab

The FBI warns iPhone and Android users about a surge in DMV text scams, urging immediate deletion of suspicious messages. Learn how to protect yourself from these rising cyber threats.

New SuperCard Malware Exploits Hacked Android Phones to Steal Payment Card Data

Posted: June 19, 2025

Categories: Malware Alerts, Android Security, Hacking, Credit card scam, Financial fraud

Tags: supercard malware, social engineering attacks, payment card data theft, nfc malware, mobile payment fraud, malware-as-a-service, cybersecurity threats, contactless payment security, android payment security

Author: Npav Lab

A new malware strain called SuperCard exploits hacked Android phones to steal payment card data during contactless transactions. Learn about its infection mechanism and the growing threat to mobile payment security.

Malicious Loan App "RapiPlata" Infects Over 150,000 Devices on iOS and Android

Posted: June 17, 2025

Categories: Malware Alerts, Android Security, Financial fraud, Fraud Protector

Tags: user privacy, spyloan malware, social engineering, rapiplata loan app, malicious app, ios android malware, financial fraud, data theft, cybersecurity threat, app store vulnerabilities

Author: Npav Lab

A fraudulent loan app, "RapiPlata," has infected over 150,000 iOS and Android devices, stealing sensitive data and threatening users. Learn about the app's malicious tactics and ongoing risks.

WhatsApp Image Scam: Man Loses ₹2 Lakh Just by Downloading a Photo

Posted: April 22, 2025

Categories: Android Security, WhatsApp

Tags: whatsapp image scam, steganography attack

Author: Npav Lab

A 28-year-old man from Maharashtra fell victim to a stealthy and advanced cyberattack after downloading a seemingly innocent image on WhatsApp. The scam, which didn't involve any suspicious links or OTPs, highlights a disturbing new threat vector that exploits hidden malware embedded in image files.

Android SpyMax Spyware Alert: Total Control Malware Masquerades as Government App

Posted: April 18, 2025

Categories: Malware Alerts, Android Security

Tags: fake government apps, android spyware

Author: Npav Lab

A highly advanced Android spyware operation has surfaced, posing as the official app of the Chinese Prosecutor’s Office. Dubbed SpyMax, this malware is part of the SpyNote family and is capable of hijacking nearly every aspect of an Android device—using deceptive UI tactics and exploiting accessibility services.

Hackers Clone Google Chrome Install Page to Spread Dangerous Android Malware

Posted: April 14, 2025

Categories: Malware Alerts, Android Security

Tags: spynote rat, google play scam

Author: Npav Lab

Cybersecurity experts have uncovered a dangerous malware campaign where hackers mimic the Google Chrome install page to trick Android users into downloading a powerful spying tool called SpyNote. These fake pages look nearly identical to the real Google Play Store and are hosted on newly registered shady domains. When users fall for the trick and install the app, they unknowingly give hackers full control of their device.