Skip to main content
See every side of every news story
Get Started
SubscribeLogin
Published loading...Updated

Open Source Malware Surges 140% as Attacks Target Developers

Klopatra malware has infected around 3,000 devices by mimicking a free VPN app to steal banking credentials and build a botnet, cybersecurity firm Cleafy said.

  • Cybersecurity firm Cleafy issued a report saying Klopatra poses as the free VPN Mobdro Pro IP + VPN, leveraging the Mobdro brand to trick users into installing malware.
  • Kaspersky researchers in the past year warned of rising malware apps posing as free VPNs, including MaskVPN, PaladinVPN, ShineVPN, ShieldVPN, DewVPN and ProxyGate.
  • A fake installation wizard guides users through steps that hand over total control using accessibility services, while Cleafy says the group probably based in Turkey is refining its tactics.
  • Victims face drained banking apps as Klopatra abuses accessibility services, and Cleafy believes it has roped around 3,000 devices mainly in Italy and Spain.
  • App stores may be slow to remove implicated apps, so users should vet free VPN apps before downloading and, if unsure, choose Proton VPN or hide.me.
Insights by Ground AI

49 Articles

20minutos20minutos
Center

My Advice of the Day: if You See a Free Vpn Don't Download It, Klopatra Stalks

A sophisticated malware called Klopatra is causing chaos, because it is camouflaged in highly requested apps, which offer from pirate IPTV lists, to free VPNs.

·Madrid, Spain
Read Full Article
EngadgetEngadget
Reposted by
World NEWS LiveWorld NEWS Live
Lean Left

Malware apps posing as free VPNs are on the rise

A recent report on the Klopatra malware operation shows hackers taking advantage of a surge in VPN use.

·United States
Read Full Article
BleepingComputerBleepingComputer
Center

Fog ransomware attack uses unusual mix of legitimate and open-source tools

Fog ransomware hackers are using an uncommon toolset, which includes open-source pentesting utilities and a legitimate employee monitoring software called Syteca.

Read Full Article
WiredWired
Lean Left

Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US

The open source software easyjson is used by the US government and American companies. But its ties to Russia’s VK, whose CEO has been sanctioned, have researchers sounding the alarm.

·United States
Read Full Article
diarioestrategia.cldiarioestrategia.cl

This Is How Grok Is Tricked Into Spreading Large-Scale Phishing and Malware Links Into X.

A new malicious ad campaign has managed to manipulate Grok, the "chatbot" integrated into social network X (formerly Twitter), to spread large-scale phishing and malware links.

Read Full Article
cybernoz.comcybernoz.com

Malicious Ivanti VPN Client Sites In Google Search Deliver Malware — Users Warned - Cybernoz - Cybersecurity News

Cybersecurity researchers at Zscaler have uncovered a sophisticated malware campaign that exploits search engine optimization (SEO) poisoning to distribute a trojanized version of the Ivanti Pulse Secure VPN client, targeting unsuspecting users seeking legitimate software downloads. The Zscaler Threat Hunting team recently detected a surge in malicious activity leveraging SEO manipulation, primarily targeting Bing search engine users. Cybercrimi…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 50% of the sources lean Left, 50% of the sources are Center
50% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

HackRead broke the news in on Monday, March 10, 2025.
Sources are mostly out of (0)

Similar News Topics

Hacking icon

Hacking

Crime icon

Crime

Software icon

Software

Research icon

Research

China Politics icon

China Politics

Finance icon

Finance

Security icon

Security

News
For You
SearchBlindspotLocal