• bitcoinBitcoin (BTC) $ 89,769.00
  • ethereumEthereum (ETH) $ 3,155.58
  • tetherTether (USDT) $ 1.00
  • bnbBNB (BNB) $ 890.36
  • xrpXRP (XRP) $ 2.00
  • usd-coinUSDC (USDC) $ 0.999946
  • staked-etherLido Staked Ether (STETH) $ 3,154.92
  • tronTRON (TRX) $ 0.281842
  • dogecoinDogecoin (DOGE) $ 0.137098
  • cardanoCardano (ADA) $ 0.402936
  • figure-helocFigure Heloc (FIGR_HELOC) $ 1.00
  • whitebitWhiteBIT Coin (WBT) $ 60.20
  • wrapped-stethWrapped stETH (WSTETH) $ 3,855.09
  • bitcoin-cashBitcoin Cash (BCH) $ 567.88
  • wrapped-bitcoinWrapped Bitcoin (WBTC) $ 89,650.00
  • wrapped-beacon-ethWrapped Beacon ETH (WBETH) $ 3,423.41
  • usdsUSDS (USDS) $ 0.998960
  • chainlinkChainlink (LINK) $ 13.65
  • wrapped-eethWrapped eETH (WEETH) $ 3,419.93
  • binance-bridged-usdt-bnb-smart-chainBinance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.999817
  • leo-tokenLEO Token (LEO) $ 9.29
  • wethWETH (WETH) $ 3,156.48
  • hyperliquidHyperliquid (HYPE) $ 29.33
  • moneroMonero (XMR) $ 409.85
  • stellarStellar (XLM) $ 0.231688
  • zcashZcash (ZEC) $ 409.98
  • coinbase-wrapped-btcCoinbase Wrapped BTC (CBBTC) $ 89,867.00
  • ethena-usdeEthena USDe (USDE) $ 0.999293
  • litecoinLitecoin (LTC) $ 81.11
  • suiSui (SUI) $ 1.57
  • avalanche-2Avalanche (AVAX) $ 13.22
  • hedera-hashgraphHedera (HBAR) $ 0.119174
  • shiba-inuShiba Inu (SHIB) $ 0.000008
  • susdssUSDS (SUSDS) $ 1.08
  • usdt0USDT0 (USDT0) $ 1.00
  • daiDai (DAI) $ 0.999614
  • mantleMantle (MNT) $ 1.28
  • paypal-usdPayPal USD (PYUSD) $ 0.999663
  • the-open-networkToncoin (TON) $ 1.57
  • world-liberty-financialWorld Liberty Financial (WLFI) $ 0.139060
  • crypto-com-chainCronos (CRO) $ 0.097616
  • ethena-staked-usdeEthena Staked USDe (SUSDE) $ 1.21
  • uniswapUniswap (UNI) $ 5.41
  • polkadotPolkadot (DOT) $ 2.00
  • aaveAave (AAVE) $ 194.87
  • memecoreMemeCore (M) $ 1.68
  • usd1-wlfiUSD1 (USD1) $ 0.999393
  • rainRain (RAIN) $ 0.008053
  • bittensorBittensor (TAO) $ 282.26
  • canton-networkCanton (CC) $ 0.071938
  • bitget-tokenBitget Token (BGB) $ 3.58
  • okbOKB (OKB) $ 110.60
  • tether-goldTether Gold (XAUT) $ 4,340.58
  • falcon-financeFalcon USD (USDF) $ 0.998738
  • aster-2Aster (ASTER) $ 0.930378
  • nearNEAR Protocol (NEAR) $ 1.63
  • ethereum-classicEthereum Classic (ETC) $ 13.10
  • binance-peg-wethBinance-Peg WETH (WETH) $ 3,155.77
  • jito-staked-solJito Staked SOL (JITOSOL) $ 165.32
  • ethenaEthena (ENA) $ 0.237722
  • blackrock-usd-institutional-digital-liquidity-fundBlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
  • pepePepe (PEPE) $ 0.000004
  • internet-computerInternet Computer (ICP) $ 3.20
  • pi-networkPi Network (PI) $ 0.205868
  • solanaWrapped SOL (SOL) $ 132.49
  • jupiter-perpetuals-liquidity-provider-tokenJupiter Perpetuals Liquidity Provider Token (JLP) $ 4.66
  • syrupusdcsyrupUSDC (SYRUPUSDC) $ 1.14
  • pump-funPump.fun (PUMP) $ 0.002686
  • htx-daoHTX DAO (HTX) $ 0.000002
  • pax-goldPAX Gold (PAXG) $ 4,356.97
  • hash-2Provenance Blockchain (HASH) $ 0.027359
  • global-dollarGlobal Dollar (USDG) $ 0.999736
  • worldcoin-wldWorldcoin (WLD) $ 0.579272
  • ondo-financeOndo (ONDO) $ 0.449932
  • kucoin-sharesKuCoin (KCS) $ 10.69
  • hashnote-usycCircle USYC (USYC) $ 1.11
  • syrupusdtsyrupUSDT (SYRUPUSDT) $ 1.11
  • rocket-pool-ethRocket Pool ETH (RETH) $ 3,630.61
  • bfusdBFUSD (BFUSD) $ 0.999402
  • skySky (SKY) $ 0.057549
  • ripple-usdRipple USD (RLUSD) $ 0.999593
  • binance-bridged-usdc-bnb-smart-chainBinance Bridged USDC (BNB Smart Chain) (USDC) $ 0.999790
  • polygon-ecosystem-tokenPOL (ex-MATIC) (POL) $ 0.120185
  • gatechain-tokenGate (GT) $ 10.50
  • aptosAptos (APT) $ 1.65
  • kaspaKaspa (KAS) $ 0.044589
  • wbnbWrapped BNB (WBNB) $ 890.56
  • arbitrumArbitrum (ARB) $ 0.209713
  • kelp-dao-restaked-ethKelp DAO Restaked ETH (RSETH) $ 3,343.04
  • binance-staked-solBinance Staked SOL (BNSOL) $ 143.99
  • official-trumpOfficial Trump (TRUMP) $ 5.48
  • algorandAlgorand (ALGO) $ 0.120210
  • midnight-3Midnight (NIGHT) $ 0.063070
  • ignition-fbtcFunction FBTC (FBTC) $ 90,306.00
  • liquid-staked-ethereumLiquid Staked ETH (LSETH) $ 3,368.04
  • cosmosCosmos Hub (ATOM) $ 2.15
  • lombard-staked-btcLombard Staked BTC (LBTC) $ 89,921.00
  • solv-btcSolv Protocol BTC (SOLVBTC) $ 89,347.00
  • flare-networksFlare (FLR) $ 0.012128
  • filecoinFilecoin (FIL) $ 1.33
  • vechainVeChain (VET) $ 0.011250
  • nexoNEXO (NEXO) $ 0.957579
  • xdce-crowd-saleXDC Network (XDC) $ 0.046951
  • superstate-short-duration-us-government-securities-fund-ustbSuperstate Short Duration U.S. Government Securities Fund (USTB) (USTB) $ 10.92
  • usdtbUSDtb (USDTB) $ 0.999655
  • ousgOUSG (OUSG) $ 113.62
  • sei-networkSei (SEI) $ 0.124075
  • kinetic-staked-hypeKinetiq Staked HYPE (KHYPE) $ 29.56
  • render-tokenRender (RENDER) $ 1.51
  • usddUSDD (USDD) $ 0.999835
  • wrappedm-by-m0WrappedM by M^0 (WM) $ 0.999968
  • janus-henderson-anemoy-aaa-clo-fundJanus Henderson Anemoy AAA CLO Fund (JAAA) $ 1.02
  • bonkBonk (BONK) $ 0.000009
  • mantle-staked-etherMantle Staked Ether (METH) $ 3,415.43
  • pancakeswap-tokenPancakeSwap (CAKE) $ 2.18
  • arbitrum-bridged-wbtc-arbitrum-oneArbitrum Bridged WBTC (Arbitrum One) (WBTC) $ 89,679.00
  • clbtcclBTC (CLBTC) $ 90,617.00
  • wrapped-flareWrapped Flare (WFLR) $ 0.012140
  • ondo-us-dollar-yieldOndo US Dollar Yield (USDY) $ 1.10
  • pudgy-penguinsPudgy Penguins (PENGU) $ 0.010803
  • bridged-usdc-polygon-pos-bridgePolygon Bridged USDC (Polygon PoS) (USDC.E) $ 0.999796
  • beldexBeldex (BDX) $ 0.089067
  • renzo-restaked-ethRenzo Restaked ETH (EZETH) $ 3,364.74
  • myx-financeMYX Finance (MYX) $ 3.36
  • usdaiUSDai (USDAI) $ 0.999852
  • first-digital-usdFirst Digital USD (FDUSD) $ 0.998899
  • jupiter-staked-solJupiter Staked SOL (JUPSOL) $ 153.14
  • polygon-pos-bridged-dai-polygon-posPolygon PoS Bridged DAI (Polygon POS) (DAI) $ 0.999950
  • l2-standard-bridged-weth-baseL2 Standard Bridged WETH (Base) (WETH) $ 3,156.75
  • story-2Story (IP) $ 1.84
  • fetch-aiArtificial Superintelligence Alliance (FET) $ 0.239467
  • stakewise-v3-osethStakeWise Staked ETH (OSETH) $ 3,303.41
  • jupiter-exchange-solanaJupiter (JUP) $ 0.194681
  • ultimaUltima (ULTIMA) $ 6,113.86
  • morphoMorpho (MORPHO) $ 1.12
  • optimismOptimism (OP) $ 0.310494
  • curve-dao-tokenCurve DAO (CRV) $ 0.382217
  • usual-usdUsual USD (USD0) $ 0.997864
  • tbtctBTC (TBTC) $ 89,698.00
  • arbitrum-bridged-weth-arbitrum-oneArbitrum Bridged WETH (Arbitrum One) (WETH) $ 3,156.50
  • lido-daoLido DAO (LDO) $ 0.601406
  • dashDash (DASH) $ 42.56
  • injective-protocolInjective (INJ) $ 5.31
  • aerodrome-financeAerodrome Finance (AERO) $ 0.581673
  • spx6900SPX6900 (SPX) $ 0.560810
  • bridged-wrapped-ether-pundi-aifx-omnilayerBridged Wrapped Ether (Pundi AIFX Omnilayer) (WETH) $ 35,382,014.00
  • tezosTezos (XTZ) $ 0.484161
  • virtual-protocolVirtuals Protocol (VIRTUAL) $ 0.783378
  • blockstackStacks (STX) $ 0.282387
  • starknetStarknet (STRK) $ 0.105175
  • gtethGTETH (GTETH) $ 3,154.46
  • ether-fiEther.fi (ETHFI) $ 0.823383
  • merlin-chainMerlin Chain (MERL) $ 0.476271
  • true-usdTrueUSD (TUSD) $ 0.996244
  • cgeth-hashkey-cloudcgETH Hashkey Cloud (CGETH.HASH) $ 2,460.42
  • newton-projectAB (AB) $ 0.005363
  • eutblSpiko EU T-Bills Money Market Fund (EUTBL) $ 1.23
  • celestiaCelestia (TIA) $ 0.552178
  • stader-ethxStader ETHx (ETHX) $ 3,389.10
  • msolMarinade Staked SOL (MSOL) $ 178.20
  • ghoGHO (GHO) $ 0.999587
  • wrapped-apecoinWrapped ApeCoin (WAPE) $ 0.224659
  • ether-fi-liquid-ethEther.Fi Liquid ETH (LIQUIDETH) $ 3,333.04
  • flokiFLOKI (FLOKI) $ 0.000045
  • kaiaKaia (KAIA) $ 0.074852
  • telcoinTelcoin (TEL) $ 0.004590
  • the-graphThe Graph (GRT) $ 0.040557
  • swethSwell Ethereum (SWETH) $ 3,466.98
  • trust-wallet-tokenTrust Wallet (TWT) $ 0.998360
  • usdbUSDB (USDB) $ 0.999341
  • ethereum-name-serviceEthereum Name Service (ENS) $ 10.60
  • coinbase-wrapped-staked-ethCoinbase Wrapped Staked ETH (CBETH) $ 3,515.93
  • audieraAudiera (BEAT) $ 2.87
  • bittorrentBitTorrent (BTT) $ 0.00000040
  • steakhouse-usdc-morpho-vaultSteakhouse USDC Morpho Vault (STEAKUSDC) $ 1.11
  • dogwifcoindogwifhat (WIF) $ 0.396486
  • sbtc-2sBTC (SBTC) $ 89,502.00
  • doublezeroDoubleZero (2Z) $ 0.113141
  • sun-tokenSun Token (SUN) $ 0.020440
  • lorenzo-wrapped-bitcoinLorenzo Wrapped Bitcoin (ENZOBTC) $ 90,454.00
  • conflux-tokenConflux (CFX) $ 0.075136
  • bitcoin-svBitcoin SV (BSV) $ 19.36
  • iotaIOTA (IOTA) $ 0.091868
  • justJUST (JST) $ 0.038704
  • basic-attention-tokenBasic Attention (BAT) $ 0.245006
  • bitcoin-avalanche-bridged-btc-bAvalanche Bridged BTC (Avalanche) (BTC.B) $ 89,766.00
  • olympusOlympus (OHM) $ 22.25
  • apenftAINFT (NFT) $ 0.00000037
  • pyth-networkPyth Network (PYTH) $ 0.062795
  • pippinpippin (PIPPIN) $ 0.358476
  • fartcoinFartcoin (FARTCOIN) $ 0.350779
  • binance-peg-dogecoinBinance-Peg Dogecoin (DOGE) $ 0.136962
  • pendlePendle (PENDLE) $ 2.13
  • ether-fi-staked-ethether.fi Staked ETH (EETH) $ 3,155.16
  • heliumHelium (HNT) $ 1.84
  • theta-tokenTheta Network (THETA) $ 0.341978
  • sonic-3Sonic (S) $ 0.089822
  • crvusdcrvUSD (CRVUSD) $ 0.999016
  • euro-coinEURC (EURC) $ 1.17
  • the-sandboxThe Sandbox (SAND) $ 0.127895
Bitcoin

New Android RAT ‘Fantasy Hub’ sold as Malware-as-a-Service across Russian Telegram channels

By admin
0 21

New Android RAT ‘Fantasy Hub’ sold as Malware-as-a-Service across Russian Telegram channels

Cybersecurity researchers have announced a new Android RAT called Fantasy Hub that is being distributed as a subscription service to criminals. It is on sale on Russian-speaking Telegram channels under a Malware-as-a-Service (MaaS) model.

According to reports, it turns any app into spyware, pretends to be a Play Store update, hijacks SMS to steal 2FA, and streams camera and microphone in real-time via WebRTC. The Malware-as-a-Service model allows it to lower the technical barriers for attackers with minimal expertise.

The spyware gives hackers the ability to read 2FA messages, get into bank accounts, and watch devices in real time.

Fantasy Hub teaches criminals how to create fake Google Play Store

According to its seller, the malware allows device control and espionage. This gives threat actors access to SMS messages, contacts, call logs, images, and videos, as well as the ability to intercept, reply to, and delete incoming alerts.

The malware exploits the default SMS privileges, similar to ClayRAT, to gain access to SMS messages, contacts, the camera, and files. By prompting the user to set it as the default SMS handling app, the malicious program can obtain multiple powerful permissions in one go, rather than having to request individual permissions at runtime.

New Android RAT ‘Fantasy Hub’ sold as Malware-as-a-Service across Russian Telegram channels

Fantasy Hub hacking method: Source: Hackers Hub

Criminals who are customers of the e-crime solution receive instructions related to creating fake Google Play Store landing pages for distribution, as well as the steps to bypass restrictions. Prospective buyers can choose the icon, name, and page they wish to receive a slick-looking page.

The bot handles paid subscriptions and builder access. It’s also designed so that threat actors can upload any APK file to the service and receive a trojanized version that contains the malware built in. The service is available per user for a weekly price of $200 or a monthly price of $500. Users can also opt for a yearly subscription that costs $4,500.

The command-and-control (C2) panel associated with the malware provides details about the compromised devices, as well as information regarding the subscription status itself. The panel also provides attackers with the ability to issue commands to collect various types of data.

Fantasy Hub targets mobile banking users

The dropper apps have been found to act as a Google Play update, lending it a veneer of legitimacy and tricking users into granting the necessary permissions. It then uses fake overlays to obtain banking credentials associated with Russian financial institutions such as Alfa, PSB, T-Bank, and Sberbank.

Fantasy Hub integrates native droppers, WebRTC-based live streaming, and exploits the SMS handler role to steal data and impersonate legitimate apps in real-time.

According to Zimperium researcher Vishnu Pratapagiri, the spyware poses a direct threat to enterprise customers using BYOD. In addition, organization whose employees rely on mobile banking or sensitive mobile apps are in trouble.

This comes after Zscaler ThreatLabz revealed that threat actors are using sophisticated banking trojans, such as Anatsa, ERMAC, and TrickMo. They often resemble genuine utilities or productivity apps in both official and third-party app stores.

Once they’re installed, they employ very sneaky methods to obtain usernames, passwords, and even two-factor authentication (2FA) codes, which are required to complete transactions.

Additionally, CERT Polska has warned about new cases of Android malware called NGate, which attempts to steal card information from Polish bank users through Near Field Communication (NFC) relay attacks.

When the victim opens the app in question, they are asked to prove their payment card by tapping it on the back of their Android device. The app then discreetly collects the card’s NFC data and sends it to a server controlled by the attacker or straight to a companion app installed by the threat actor who wants to get cash from an ATM.

Reports say that transactions using Android malware have gone up by 67% every year. They are powered by advanced spyware and banking trojans. About 239 malicious apps have been reported on the Google Play Store. Between June 2024 and May 2025, the apps were downloaded a total of 42 million times.

Source

admin 16055 posts 0 comments
You might also like More from author

Leave A Reply

Your email address will not be published.