Agent Smith

Infects devices and replaces legitimate apps with replicas that show ads to generate profits for the criminal actors

Read More
NJCCIC
HeroRat

An Android remote access trojan spread through Telegram channels. Once a victim grants the fake app device permissions, it appears as if it uninstalls from the infected device, but instead, runs processes in the background without the user’s knowledge.

Read More
ZooPark

An Android malware that has been part of a cyberespionage operation since 2015, focusing on Middle Eastern targets. Since its initial distribution, the malware has gone through four different updates, each time adding more spyware features.

Read More
Super Clean Plus

A malicious Android application that was available on the Google Play Store and downloaded over 10,000 times. The app, which is free and claims to clean up your devices memory, boost speed, and clear out junk, is hiding malicious functionality in an executable DEX file.

Read More
XLoader

A backdoor trojan and spyware infecting Android device via Domain Name System (DNS) spoofing to distribute and install malicious Android apps posing as Facebook or Chrome apps. The app collects personally identifiable information (PII) and financial data, and can install additional malicious apps.

Read More
Guerilla

A malicious backdoor that collects information on the infected device including phone manufacturer, type, brand, MAC address, etc. and uses this to initiate an aggressive ad-clicking function to generate income.

Read More