Cyfirma researchers have found a trojan called FireScam masked as a fake Telegram Premium app, distributed via a deceptive Github.io site impersonating the RuStore, a popular Russian app store. This Android infostealer malware seeks out sensitive Android data such as notifications, messages, and app data, which is funneled to a Firebase Realtime Database endpoint. Additionally, FireScam monitors Android device activities on a wide scale and can maintain control over affected devices.
North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to
