Cybercriminals are increasingly using disguised dropper apps to deliver sophisticated Android malware like Wonderland targeting users in Uzbekistan, enabling real-time command-and-control and data theft. These threats employ advanced obfuscation, dynamic infrastructure, and social engineering tactics to evade detection and facilitate financial fraud. #Wonderland #TrickyWonders
Key points
- Threat actors use malicious dropper apps disguised as legitimate applications to distribute malware.
- Wonderland malware enables real-time command and control, including USSD requests and SMS theft.
- The malware is propagated through fake web pages, social media ads, and hijacked messaging app sessions.
- Cybercriminal groups use dynamic infrastructure and obfuscation to evade detection and sustain operations.
- New Android malware such as Cellik, Frogblight, and NexusRoute expands the scope of mobile-based financial and data theft attacks.
Read More: https://thehackernews.com/2025/12/android-malware-operations-merge.html