The McAfee Mobile Research Team discovered malware campaigns abusing .NET MAUI, a cross-platform development framework, to evade detection. These threats disguise themselves as legitimate apps, targeting users to steal sensitive information.

McAfee Labs observed a surge in phishing campaigns that use fake viral video links to trick users into downloading malware. The attack relies on social engineering, redirecting victims through multiple malicious sites before delivering the payload.

The malware tricks victims into sharing financial information and hides itself after installation, enabling persistent data theft. It exploits Supabase for data exfiltration, exposing over 5,500 records, including SMS messages and card details.

Researchers identified a group of loan apps that share a common framework for encrypting and exfiltrating data from a victim’s device to a command and control (C2) server using a similar HTTP endpoint infrastructure.

In today’s rapidly evolving cyber landscape, malware threats continue to adapt, employing new tactics and leveraging popular platforms to reach unsuspecting victims. One such emerging threat is the Lumma Stealer.

McAfee Labs warned of the spread of AsyncRAT through popular software cracks. Cybercriminals are disguising this malware as cracked versions of well-known software, tricking users into unknowingly installing a sophisticated remote access trojan.

A new mobile malware called SpyAgent has been uncovered by McAfee's Mobile Research Team. This malware targets mnemonic keys used for cryptocurrency wallets by scanning for images containing them on your device.

McAfee Labs has uncovered a unique malware delivery method called the “Clickfix” infection chain, which starts with users being directed to compromised websites and instructed to paste a script into a PowerShell terminal.

McAfee Mobile Research Team found an Android malware that pretends to be the official app of Bahrain and advertises that users can renew or apply for driver’s licenses, visas, and ID cards on mobile.

Scammers exploit Instagram's influencer program to hijack users' accounts by hacking into them, posting about cryptocurrencies, and then tricking victims into providing their login credentials to "vote" for the scammer's fake influencer contest.