Tech Updates

Featured

Pune Army colonel’s credit card charged for Rs 3.8 lakh to Hong Kong hotel in fake traffic challan fraud

An Indian Army colonel in Pune has fallen victim to a cyber fraud involving a fake traffic challan after clicking on a link that falsely claimed there were pending dues in his name. The incident resulted in an unauthorised payment of over 32,000 Hong Kong dollars—Rs 3.81 lakh—from his credit card to a hotel in Hong Kong. According to the First Information Report (FIR) registered at the Chatushrungi police station on Wednesday, the colonel, who is in his late 40s and posted with a defence establishment in Pune, received a message late on Monday night and opened it on Tuesday morning. When he opened the link in the message, it redirected him to a message stating that a Rs 590 payment for a traffic violation challan for his vehicle was pending. The colonel proceeded to furnish financial details on an online form. He then clicked the option to generate a one-time password (OTP). Moments later, 32,939 Hong Kong Dollars were deducted from his credit card as a payment to a ho...

Android Malware operations merge droppers, SMS theft and RAT capabilities at scale

Threat actors have been observed leveraging malicious dropper apps masquerading as legitimate applications to deliver an Android SMS stealer dubbed Wonderland in mobile attacks targeting users in Uzbekistan.

"Previously, users received 'pure' Trojan APKs that acted as malware immediately upon installation," Group-IB said in an analysis published last week. "Now, adversaries increasingly deploy droppers disguised as legitimate applications. The dropper looks harmless on the surface but contains a built-in malicious payload, which is deployed locally after installation – even without an active internet connection."

Wonderland (formerly WretchedCat), according to the Singapore-headquartered cybersecurity company, facilitates bidirectional command-and-control (C2) communication to execute commands in real time, allowing for arbitrary USSD requests and SMS theft. It masquerades as Google Play, or as files of other formats, such as videos, photos, and wedding invitations.

The financially motivated threat actor behind the malware, TrickyWonders, leverages Telegram as the primary platform to coordinate various aspects of the operation. First discovered in November 2023, it's also attributed to two dropper malware families that are designed to conceal the primary encrypted payload:

· MidnightDat (First seen on August 27, 2025)

· RoundRift (First seen on October 15, 2025)

Wonderland is mainly propagated using fake Google Play Store web pages, ad campaigns on Facebook, bogus accounts on dating apps, and messaging apps like Telegram, with the attackers abusing stolen Telegram sessions of Uzbek users sold on dark web markets to distribute APK files to victims' contacts and chats.

Once the malware is installed, it gains access to SMS messages and intercepts one-time passwords (OTPs), which the group uses to siphon funds from victims' bank cards. Other capabilities include retrieving phone numbers, exfiltrating contact lists, hiding push notifications to suppress security or OTP alerts, and even sending SMS messages from infected devices for lateral movement.
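For defenders triaging a sideloaded APK, the capabilities listed above can be checked against what the app's decoded manifest requests. The following is an added example, not code from Group-IB or from the malware: the capability-to-permission mapping, the scoring rule, the function names and the sample manifest are all assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."
# Capability named in the article -> permissions that behaviour normally needs
# on Android (editor's mapping, not taken from the Group-IB analysis).
CAPABILITY_PERMS = {
    "sms_theft": {P + "READ_SMS", P + "RECEIVE_SMS"},
    "sms_sending": {P + "SEND_SMS"},
    "ussd_requests": {P + "CALL_PHONE"},
    "contact_exfiltration": {P + "READ_CONTACTS"},
    "phone_number_retrieval": {P + "READ_PHONE_NUMBERS", P + "READ_PHONE_STATE"},
    "local_payload_install": {P + "REQUEST_INSTALL_PACKAGES"},
}
NOTIF_LISTENER = P + "BIND_NOTIFICATION_LISTENER_SERVICE"

def triage_manifest(manifest_xml):
    """Return the sorted capabilities a decoded AndroidManifest.xml could support."""
    root = ET.fromstring(manifest_xml)
    requested = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        requested |= {e.get(NS + "name") for e in root.iter(tag)}
    found = {cap for cap, perms in CAPABILITY_PERMS.items() if perms & requested}
    # A notification listener is declared as a <service> guarded by the
    # listener permission, not as a <uses-permission> entry.
    if any(s.get(NS + "permission") == NOTIF_LISTENER for s in root.iter("service")):
        found.add("notification_suppression")
    return sorted(found)

def verdict(found):
    """Hypothetical scoring: SMS access plus notification hiding is the OTP-theft profile."""
    if "sms_theft" in found and "notification_suppression" in found:
        return "high"
    if "sms_theft" in found and len(found) >= 3:
        return "review"
    return "low"

# Constructed sample: an "invitation" app asking for far more than it needs.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.invite">
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.CALL_PHONE"/>
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
  <application>
    <service android:name=".Listener" android:permission="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    caps = triage_manifest(SAMPLE_MANIFEST)
    print(verdict(caps), caps)
```

The input is the text manifest produced by a decoder such as apktool, not the binary XML inside the APK. Legitimate SMS apps also request these permissions, so a "review" result is a prompt for manual inspection, not a detection.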
