<ul><li>Threat actors are using newly registered domains to deliver the SpyNote Android remote access trojan</li><li>The SpyNote malware is delivered through spoofed app installation pages mimicking Google Play listings</li><li>Once installed, SpyNote can record phone calls, capture keystrokes, and prevent its own uninstallation</li><li>Users and enterprise security teams are advised to remain vigilant against spoofed app pages and avoid unknown sources for APKs</li></ul>

SpyNote Android malware resurfaces in campaign using spoofed app install pages

Discover more