Image by Freepik

DroidBot Malware Targets Banking And National Organizations Across Europe

• Written by Kiara Fabbri Former Tech News Writer
• Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

Security analysts at Cleafy have uncovered a sophisticated Android Remote Access Trojan (RAT) named DroidBot, identified as part of a Malware-as-a-Service (MaaS) operation originating from Turkey.

In a Rush? Here are the Quick Facts!

• DroidBot is a new Android Remote Access Trojan (RAT) targeting 77 global entities.
• It uses MQTT and HTTPS for stealthy communication and command delivery.
• The malware exploits Android’s Accessibility Services for keylogging and overlay attacks.

First traced back to June 2024 and actively observed in October, DroidBot demonstrates advanced capabilities and a growing geographical impact, particularly in Europe.

DroidBot is a type of spyware that combines methods like hidden screen access and fake login screens to steal personal data. it sends stolen data through a method designed for smart devices and receives commands through secure websites, making it harder to detect.

Some of its tricks include recording what you type to capture passwords, creating fake login screens to steal your information, taking screenshots of your phone to spy on your activity, and even controlling your phone remotely to mimic your actions.

It takes advantage of Android’s Accessibility Services, which users often unknowingly grant during installation. Disguised as harmless apps like security tools or banking apps, DroidBot tricks people into downloading it.

DroidBot targets 77 organizations, including banks, cryptocurrency exchanges, and national entities. Campaigns have been observed in the UK, France, Spain, Italy, and Portugal, with indications of expansion into Latin America.

Language preferences in the malware’s code and infrastructure suggest Turkish-speaking developers.

Ongoing development is evident, with inconsistencies in root checks, obfuscation levels, and unpacking processes across samples. These variations indicate efforts to refine the malware and adapt it to different environments.

DroidBot’s sophistication, supported by encryption routines and MQTT-based communication, positions it as a significant cyber threat. Its MaaS model, ongoing development, and ability to bypass two-factor authentication raise concerns for financial institutions and governments.

As DroidBot continues to evolve, security experts stress vigilance and enhanced protective measures for organizations in affected regions.

Image by Jernej Furman, from Wikimedia Commons

OpenAI Partners With Defense Tech Company Anduril

• Written by Kiara Fabbri Former Tech News Writer
• Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor

OpenAI has partnered with military contractor Anduril, the company announced Wednesday. The collaboration will see OpenAI’s software integrated into Anduril’s counterdrone systems, designed to detect and neutralize drones.

In a Rush? Here are the Quick Facts!

• OpenAI will integrate its software into Anduril’s counterdrone systems.
• This marks OpenAI’s first collaboration with a defense contractor.
• The partnership aims to improve counter-unmanned aircraft systems (CUAS) capabilities.

This is OpenAI’s first collaboration with a defense contractor, marking a major shift from its previous opposition to military engagement, has noted The Verge .

“OpenAI builds AI to benefit as many people as possible, and supports U.S.-led efforts to ensure the technology upholds democratic values,” said Sam Altman, OpenAI’s CEO as reported on the announcement.

According to the announcement, the partnership will focus on enhancing counter-unmanned aircraft systems (CUAS). Their goal is to improve the detection, assessment, and real-time response to lethal aerial threats.

The initiative will explore how advanced AI models can process time-sensitive data, reduce the workload on human operators, and improve situational awareness. These models will be trained on Anduril’s CUAS data.

Reuters notes that the collaboration comes at a critical time as the U.S. and China compete for AI dominance . The announcement states that if the U.S. falls behind, it risks losing the technological advantage crucial to national security.