As cybersecurity threats continue to evolve, a new report by Check Point reveals some of the most prevalent malware strains targeting both Android and PC users.
For Android users, the most dangerous threat is the banking trojan Anubis. This malware has evolved into a sophisticated tool capable of intercepting one-time passwords (OTPs) sent via SMS, bypassing multi-factor authentication (MFA), and logging keystrokes. It can also record audio, perform ransomware functions, and grant attackers full remote access to infected devices. Distributed primarily through malicious apps on the Google Play Store, Anubis is now open-source, according to Check Point, making it accessible to various hacker groups for different attacks.
Following Anubis in terms of threat level is AhMyth, a remote access trojan (RAT) that poses a significant risk by disguising itself as legitimate applications like screen recorders, games, or cryptocurrency tools. Once installed, AhMyth can access sensitive information such as banking credentials, passwords, MFA codes, and even cryptocurrency wallet details. Additionally, it enables keylogging, screen capture, camera and microphone access, and SMS interception, making it a powerful tool for cybercriminals.
Another significant threat for Android users, according to Check Point, is Necro, an Android downloader that retrieves and executes malicious components. Often found in unofficial versions of popular apps like Spotify or WhatsApp, Necro can display invisible ads, install third-party apps, and reroute internet traffic through compromised devices, turning them into proxies for cybercriminal activities.
On the PC side, the most widely seen malware this year is FakeUpdates (also known as SocGholish), linked to the Russian hacker group Evil Corp. Spread via malicious websites, FakeUpdates tricks users into downloading a fake browser update, which then serves as a gateway for additional payloads, often facilitating ransomware attacks.
Other notable threats include Formbook, an infostealer targeting Windows systems, and Remcos, a RAT distributed via phishing campaigns. Malware such as Androxgh0st, AsyncRAT, and AgentTesla also continues to pose serious risks, exploiting both mobile and PC vulnerabilities.
To protect against these threats, users should avoid sideloading apps, rely on trusted sources, and ensure robust security measures, such as enabling Google Play Protect for Android and using up-to-date antivirus software on PCs.