• bitcoinBitcoin (BTC) $ 87,293.00
  • ethereumEthereum (ETH) $ 2,921.46
  • tetherTether (USDT) $ 0.999420
  • bnbBNB (BNB) $ 834.33
  • xrpXRP (XRP) $ 1.84
  • usd-coinUSDC (USDC) $ 0.999773
  • tronTRON (TRX) $ 0.280120
  • staked-etherLido Staked Ether (STETH) $ 2,923.18
  • dogecoinDogecoin (DOGE) $ 0.122203
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.03
  • cardanoCardano (ADA) $ 0.351086
  • whitebitWhiteBIT Coin (WBT) $ 56.07
  • bitcoin-cashBitcoin Cash (BCH) $ 597.74
  • wrapped-stethWrapped stETH (WSTETH) $ 3,577.03
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 87,272.00
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 3,175.44
  • usdsUSDS (USDS) $ 0.999704
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.999287
  • wrapped-eethWrapped eETH (WEETH) $ 3,169.66
  • chainlinkChainlink (LINK) $ 12.18
  • moneroMonero (XMR) $ 445.67
  • leo-tokenLEO Token (LEO) $ 8.50
  • wethWETH (WETH) $ 2,925.43
  • zcashZcash (ZEC) $ 446.63
  • stellarStellar (XLM) $ 0.212822
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 87,344.00
  • ethena-usdeEthena USDe (USDE) $ 0.998431
  • hyperliquidHyperliquid (HYPE) $ 25.68
  • litecoinLitecoin (LTC) $ 76.80
  • avalanche-2Avalanche (AVAX) $ 12.34
  • suiSui (SUI) $ 1.40
  • hedera-hashgraphHedera (HBAR) $ 0.111772
  • susdssUSDS (SUSDS) $ 1.08
  • daiDai (DAI) $ 0.999894
  • usdt0USDT0 (USDT0) $ 0.998865
  • shiba-inuShiba Inu (SHIB) $ 0.000007
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.141256
  • the-open-networkToncoin (TON) $ 1.54
  • paypal-usdPayPal USD (PYUSD) $ 0.999886
  • uniswapUniswap (UNI) $ 5.88
  • canton-networkCanton (CC) $ 0.098659
  • crypto-com-chainCronos (CRO) $ 0.091810
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.21
  • mantleMantle (MNT) $ 1.04
  • usd1-wlfiUSD1 (USD1) $ 1.00
  • polkadotPolkadot (DOT) $ 1.72
  • rainRain (RAIN) $ 0.007704
  • memecoreMemeCore (M) $ 1.43
  • bitget-tokenBitget Token (BGB) $ 3.44
  • tether-goldTether Gold (XAUT) $ 4,540.86
  • aaveAave (AAVE) $ 154.27
  • okbOKB (OKB) $ 106.94
  • falcon-financeFalcon USD (USDF) $ 0.997864
  • bittensorBittensor (TAO) $ 216.41
  • nearNEAR Protocol (NEAR) $ 1.51
  • ethereum-classicEthereum Classic (ETC) $ 11.66
  • binance-peg-wethBinance-Peg WETH (WETH) $ 2,923.94
  • jito-staked-solJito Staked SOL (JITOSOL) $ 152.43
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • pi-networkPi Network (PI) $ 0.204140
  • pepePepe (PEPE) $ 0.000004
  • aster-2Aster (ASTER) $ 0.708389
  • internet-computerInternet Computer (ICP) $ 3.00
  • pax-goldPAX Gold (PAXG) $ 4,545.10
  • ethenaEthena (ENA) $ 0.210031
  • hash-2Provenance Blockchain (HASH) $ 0.030477
  • global-dollarGlobal Dollar (USDG) $ 0.999556
  • solanaWrapped SOL (SOL) $ 121.89
  • hashnote-usycCircle USYC (USYC) $ 1.11
  • htx-daoHTX DAO (HTX) $ 0.000002
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.14
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.47
  • midnight-3Midnight (NIGHT) $ 0.086266
  • skySky (SKY) $ 0.061082
  • kucoin-sharesKuCoin (KCS) $ 10.80
  • ripple-usdRipple USD (RLUSD) $ 1.00
  • bfusdBFUSD (BFUSD) $ 0.999296
  • worldcoin-wldWorldcoin (WLD) $ 0.489849
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999599
  • aptosAptos (APT) $ 1.69
  • rocket-pool-ethRocket Pool ETH (RETH) $ 3,373.28
  • kaspaKaspa (KAS) $ 0.044995
  • gatechain-tokenGate (GT) $ 10.27
  • binance-staked-solBinance Staked SOL (BNSOL) $ 133.04
  • ondo-financeOndo (ONDO) $ 0.375437
  • wbnbWrapped BNB (WBNB) $ 834.50
  • arbitrumArbitrum (ARB) $ 0.192033
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.104059
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 3,100.80
  • pump-funPump.fun (PUMP) $ 0.001811
  • quant-networkQuant (QNT) $ 71.82
  • algorandAlgorand (ALGO) $ 0.117885
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.02
  • cosmosCosmos Hub (ATOM) $ 2.05
  • official-trumpOfficial Trump (TRUMP) $ 4.87
  • ignition-fbtcFunction FBTC (FBTC) $ 87,230.00
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 87,202.00
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 87,407.00
  • xdce-crowd-saleXDC Network (XDC) $ 0.050813
  • nexoNEXO (NEXO) $ 0.906420
  • vechainVeChain (VET) $ 0.010553
  • flare-networksFlare (FLR) $ 0.011209
  • filecoinFilecoin (FIL) $ 1.23
  • usdtbUSDtb (USDTB) $ 0.999061
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 3,148.14
  • ousgOUSG (OUSG) $ 113.77
  • usddUSDD (USDD) $ 0.999534
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 10.94
  • wrappedm-by-m0WrappedM by M^0 (WM) $ 0.999539
  • beldexBeldex (BDX) $ 0.099266
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999698
  • sei-networkSei (SEI) $ 0.110691
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 87,145.00
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.11
  • clbtcclBTC (CLBTC) $ 88,809.00
  • mantle-staked-etherMantle Staked Ether (METH) $ 3,164.36
  • myx-financeMYX Finance (MYX) $ 3.47
  • render-tokenRender (RENDER) $ 1.27
  • bonkBonk (BONK) $ 0.000008
  • usdaiUSDai (USDAI) $ 0.999497
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 3,116.80
  • morphoMorpho (MORPHO) $ 1.17
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 25.92
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999579
  • wrapped-flareWrapped Flare (WFLR) $ 0.011212
  • jupiter-exchange-solanaJupiter (JUP) $ 0.199422
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 2,925.39
  • pancakeswap-tokenPancakeSwap (CAKE) $ 1.81
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 3,082.79
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 141.25
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.008987
  • curve-dao-tokenCurve DAO (CRV) $ 0.383062
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.23
  • usual-usdUsual USD (USD0) $ 0.993516
  • tbtctBTC (TBTC) $ 87,286.00
  • c8ntinuumc8ntinuum (CTM) $ 0.120474
  • optimismOptimism (OP) $ 0.268759
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 2,922.93
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.998593
  • story-2Story (IP) $ 1.52
  • tezosTezos (XTZ) $ 0.474803
  • ghoGHO (GHO) $ 0.998698
  • true-usdTrueUSD (TUSD) $ 0.998458
  • dashDash (DASH) $ 39.23
  • pippinpippin (PIPPIN) $ 0.486950
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.211086
  • lido-daoLido DAO (LDO) $ 0.563203
  • gtethGTETH (GTETH) $ 2,924.33
  • merlin-chainMerlin Chain (MERL) $ 0.427369
  • injective-protocolInjective (INJ) $ 4.62
  • blockstackStacks (STX) $ 0.253507
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.699130
  • ether-fiEther.fi (ETHFI) $ 0.698445
  • spx6900SPX6900 (SPX) $ 0.488755
  • stader-ethxStader ETHx (ETHX) $ 3,148.18
  • aerodrome-financeAerodrome Finance (AERO) $ 0.474245
  • newton-projectAB (AB) $ 0.004579
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 3,131.54
  • msolMarinade Staked SOL (MSOL) $ 164.35
  • telcoinTelcoin (TEL) $ 0.004255
  • wrapped-apecoinWrapped ApeCoin (WAPE) $ 0.204115
  • usdbUSDB (USDB) $ 1.00
  • doublezeroDoubleZero (2Z) $ 0.115020
  • syrupMaple Finance (SYRUP) $ 0.343406
  • starknetStarknet (STRK) $ 0.079131
  • celestiaCelestia (TIA) $ 0.454504
  • swethSwell Ethereum (SWETH) $ 3,212.05
  • sbtc-2sBTC (SBTC) $ 87,001.00
  • the-graphThe Graph (GRT) $ 0.036285
  • flokiFLOKI (FLOKI) $ 0.000040
  • bittorrentBitTorrent (BTT) $ 0.00000039
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.11
  • justJUST (JST) $ 0.038063
  • conflux-tokenConflux (CFX) $ 0.072524
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 3,270.96
  • chilizChiliz (CHZ) $ 0.036456
  • sun-tokenSun Token (SUN) $ 0.018963
  • bitcoin-svBitcoin SV (BSV) $ 18.12
  • ethereum-name-serviceEthereum Name Service (ENS) $ 9.43
  • iotaIOTA (IOTA) $ 0.083941
  • euro-coinEURC (EURC) $ 1.18
  • kinesis-goldKinesis Gold (KAU) $ 146.88
  • olympusOlympus (OHM) $ 21.36
  • trust-wallet-tokenTrust Wallet (TWT) $ 0.837085
  • cap-usdCap USD (CUSD) $ 1.00
  • apenftAINFT (NFT) $ 0.00000035
  • pyth-networkPyth Network (PYTH) $ 0.059692
  • bitcoin-avalanche-bridged-btc-bAvalanche Bridged BTC (Avalanche) (BTC.B) $ 87,278.00
  • resolv-usrResolv USR (USR) $ 0.999517
  • crvusdcrvUSD (CRVUSD) $ 0.996966
  • resolv-wstusrResolv wstUSR (WSTUSR) $ 1.12
  • kaiaKaia (KAIA) $ 0.055647
  • gnosisGnosis (GNO) $ 122.52
  • decredDecred (DCR) $ 18.74
  • basic-attention-tokenBasic Attention (BAT) $ 0.213473
  • dogwifcoindogwifhat (WIF) $ 0.314143
  • binance-peg-dogecoinBinance-Peg Dogecoin (DOGE) $ 0.122209
  • binance-peg-busdBinance-Peg BUSD (BUSD) $ 0.997798
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 2,926.37
Bitcoin

New Android RAT ‘Fantasy Hub’ sold as Malware-as-a-Service across Russian Telegram channels

By admin
0 27

New Android RAT ‘Fantasy Hub’ sold as Malware-as-a-Service across Russian Telegram channels

Cybersecurity researchers have announced a new Android RAT called Fantasy Hub that is being distributed as a subscription service to criminals. It is on sale on Russian-speaking Telegram channels under a Malware-as-a-Service (MaaS) model.

According to reports, it turns any app into spyware, pretends to be a Play Store update, hijacks SMS to steal 2FA, and streams camera and microphone in real-time via WebRTC. The Malware-as-a-Service model allows it to lower the technical barriers for attackers with minimal expertise.

The spyware gives hackers the ability to read 2FA messages, get into bank accounts, and watch devices in real time.

Fantasy Hub teaches criminals how to create fake Google Play Store

According to its seller, the malware allows device control and espionage. This gives threat actors access to SMS messages, contacts, call logs, images, and videos, as well as the ability to intercept, reply to, and delete incoming alerts.

The malware exploits the default SMS privileges, similar to ClayRAT, to gain access to SMS messages, contacts, the camera, and files. By prompting the user to set it as the default SMS handling app, the malicious program can obtain multiple powerful permissions in one go, rather than having to request individual permissions at runtime.

New Android RAT ‘Fantasy Hub’ sold as Malware-as-a-Service across Russian Telegram channels

Fantasy Hub hacking method: Source: Hackers Hub

Criminals who are customers of the e-crime solution receive instructions related to creating fake Google Play Store landing pages for distribution, as well as the steps to bypass restrictions. Prospective buyers can choose the icon, name, and page they wish to receive a slick-looking page.

The bot handles paid subscriptions and builder access. It’s also designed so that threat actors can upload any APK file to the service and receive a trojanized version that contains the malware built in. The service is available per user for a weekly price of $200 or a monthly price of $500. Users can also opt for a yearly subscription that costs $4,500.

The command-and-control (C2) panel associated with the malware provides details about the compromised devices, as well as information regarding the subscription status itself. The panel also provides attackers with the ability to issue commands to collect various types of data.

Fantasy Hub targets mobile banking users

The dropper apps have been found to act as a Google Play update, lending it a veneer of legitimacy and tricking users into granting the necessary permissions. It then uses fake overlays to obtain banking credentials associated with Russian financial institutions such as Alfa, PSB, T-Bank, and Sberbank.

Fantasy Hub integrates native droppers, WebRTC-based live streaming, and exploits the SMS handler role to steal data and impersonate legitimate apps in real-time.

According to Zimperium researcher Vishnu Pratapagiri, the spyware poses a direct threat to enterprise customers using BYOD. In addition, organization whose employees rely on mobile banking or sensitive mobile apps are in trouble.

This comes after Zscaler ThreatLabz revealed that threat actors are using sophisticated banking trojans, such as Anatsa, ERMAC, and TrickMo. They often resemble genuine utilities or productivity apps in both official and third-party app stores.

Once they’re installed, they employ very sneaky methods to obtain usernames, passwords, and even two-factor authentication (2FA) codes, which are required to complete transactions.

Additionally, CERT Polska has warned about new cases of Android malware called NGate, which attempts to steal card information from Polish bank users through Near Field Communication (NFC) relay attacks.

When the victim opens the app in question, they are asked to prove their payment card by tapping it on the back of their Android device. The app then discreetly collects the card’s NFC data and sends it to a server controlled by the attacker or straight to a companion app installed by the threat actor who wants to get cash from an ATM.

Reports say that transactions using Android malware have gone up by 67% every year. They are powered by advanced spyware and banking trojans. About 239 malicious apps have been reported on the Google Play Store. Between June 2024 and May 2025, the apps were downloaded a total of 42 million times.

Source

admin 16449 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.