Mumbai, December 9: Android users face new malware threats that can harm their devices and steal critical information via malicious programmes. Cybersecurity experts have raised the alarm about a new wave of advanced Android malware that is actively targeting mobile users across the globe. As per a report, multiple malicious programmes have been discovered that can steal banking details, crypto wallet information and private data while remaining hidden on users’ devices. The findings highlight how mobile threats are becoming more sophisticated as attackers take advantage of increasing digital dependence.

Cybercriminals thrive on the information they access via victims’ devices, particularly smartphones, which have become prime targets. Attackers are now relying heavily on deceptive tactics that make malicious apps appear completely legitimate. By tricking users into granting dangerous permissions, these apps can quietly monitor activity, capture sensitive information and even gain remote control of key phone functions. Security researchers note that this shift reflects a broader move towards financially motivated mobile attacks that aim to bypass traditional security barriers. Reddit Down: Thousands of Users Face ‘Internal Server Error' Across US, India and Other Regions; Netizens React With Funny GIFs and Images.

How the malware works and what users need to know

According to the report from The Hacker News, cybersecurity researchers have identified malware samples that operate by impersonating trusted apps to lure victims into installing them. Once inside a device, they commonly request accessibility access because it grants the ability to view screen contents, record user actions and interact with the phone in ways similar to a real user. Some strains focus on banking apps and attempt to harvest login credentials with deceptive overlay screens. Others track cryptocurrency wallets in order to capture recovery phrases or intercept one-time authentication codes. Many variants also collect call logs, stored files and contact information before transmitting them to criminal operators.

  • FvncBot
    Pretends to be legitimate banking or security apps to trick users into installing it. Once installed, it abuses Android accessibility services to record keystrokes, capture screens, inject fake login overlays and give attackers remote control over the device. It primarily targets banking credentials and can perform unauthorised transactions.

  • SeedSnatcher
    Often disguised as cryptocurrency or wallet-related apps, it steals wallet seed phrases, intercepts one-time passwords from SMS, and captures sensitive user data such as contacts, files and call logs. It uses phishing overlays to trick users into revealing authentication information, making it a significant threat for crypto holders.

  • ClayRat (Upgraded Version)
    Exploits accessibility and SMS permissions to record keystrokes, capture screens, and display fake system updates or notifications. It can remain hidden on the device while taking full control, including preventing users from uninstalling the malicious app. It targets both banking and crypto data.

How to protect yourself from these new Android threats

  • Install apps only from trusted and official app stores

  • Avoid downloading APK files or clicking suspicious links

  • Examine permission requests carefully before approving them

  • Do not grant accessibility access unless absolutely necessary

  • Keep your operating system and apps updated at all times

  • Use reputable mobile security protection when possible

  • Store crypto wallet recovery phrases offline and never on a device

What makes these threats especially dangerous is their ability to remain undetected. They can disguise themselves as system services, hide their icons and display false security notifications or update messages. Who Is Neal Mohan? Here’s All About Indian-Origin YouTube CEO Named TIME’s CEO of the Year.

The intention is to prevent users from recognising any unusual behaviour while attackers harvest data or prepare unauthorised transactions in the background.

TruLY Score by LatestLY
Rating:3

TruLY Score 3 – Believable; Needs Further Research | On a Trust Scale of 0-5 this article has scored 3 on LatestLY, this article appears believable but may need additional verification. It is based on reporting from news websites or verified journalists (The Hackers News), but lacks supporting official confirmation. Readers are advised to treat the information as credible but continue to follow up for updates or confirmations

(The above story first appeared on LatestLY on Dec 09, 2025 11:58 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).