RedWing is a Telegram-rented Android bank-fraud service that helps criminals hijack phones, steal banking credentials, capture one-time codes, and control calls, screens, and devices in real time. Zimperium says it resembles the Oblivion rental malware and may be linked to Russian threat actors, while defenders are advised to focus on install-time abuse and suspicious permission requests rather than app names. #RedWing #Oblivion #Telegram #Zimperium #zLabs #FantasyHub #Albiriox #Klopatra
Keypoints
- RedWing is sold on Telegram as a ready-made Android bank-fraud service.
- The kit lets low-skill criminals steal logins, OTPs, and payment data.
- Its fake app-store pages mimic Google Play, Galaxy Store, AppGallery, and RuStore.
- RedWing abuses Accessibility, SMS, and call forwarding to control victim devices.
- Researchers linked it to Russian-market targeting and shared tactics seen in Oblivion, Fantasy Hub, Albiriox, and Klopatra.
Read More: https://thehackernews.com/2026/07/redwing-maas-packages-android-bank.html