{"id":216357,"date":"2025-06-21T06:17:19","date_gmt":"2025-06-21T11:17:19","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/06\/new-android-malware-surge-hits-devices-via-overlays-virtualization-fraud-and-nfc-theft"},"modified":"2025-06-21T06:17:19","modified_gmt":"2025-06-21T11:17:19","slug":"new-android-malware-surge-hits-devices-via-overlays-virtualization-fraud-and-nfc-theft","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/06\/new-android-malware-surge-hits-devices-via-overlays-virtualization-fraud-and-nfc-theft","title":{"rendered":"New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud, and NFC Theft"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/new-android-malware-surge-hits-devices-via-overlays-virtualization-fraud-and-nfc-theft.jpg\"><\/a><\/p>\n<p>Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns.<\/p>\n<p>\u201cOperated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns,\u201d PRODAFT <a href=\"https:\/\/catalyst.prodaft.com\/public\/report\/antidot\" rel=\"noopener\" target=\"_blank\">said<\/a> in a report shared with The Hacker News.<\/p>\n<p>AntiDot is advertised as a \u201cthree-in-one\u201d solution with capabilities to record the device screen by abusing Android\u2019s accessibility services, intercept SMS messages, and extract sensitive data from third-party applications.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. \u201cOperated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns,\u201d [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,6],"tags":[],"class_list":["post-216357","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-robotics-ai"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/216357","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=216357"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/216357\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=216357"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=216357"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=216357"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}