{"id":48560,"date":"2022-09-22T20:15:34","date_gmt":"2022-09-22T20:15:34","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/"},"modified":"2022-09-22T20:15:34","modified_gmt":"2022-09-22T20:15:34","slug":"check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/","title":{"rendered":"Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws"},"content":{"rendered":"<p>Data-stealing spyware disguised as a banking rewards app is targeting Android users, Microsoft&#8217;s security team has warned.<\/p>\n<p>The malware, which can be remotely controlled by miscreants once it has infected a device, appears to be an updated version of an <a href=\"https:\/\/blog.cyble.com\/2021\/12\/27\/spyware-targeting-customers-of-top-indian-banks\/\" rel=\"nofollow\">Android software nasty<\/a> first observed in 2021. Back then it was seen robbing Indian bank customers. This latest variant has several additional backdoor capabilities and much better obfuscation, allowing it to stealthily steal victims&#8217; two-factor authentication (2FA) messages for bank accounts, account login details, and personally identifiable information (PII) without detection, we&#8217;re told.<\/p>\n<p>The Microsoft threat hunters&#8217; investigation began after receiving a text message claiming to be from India&#8217;s ICICI bank&#8217;s rewards program. It included the bank&#8217;s logo, alerted the user that their loyalty points were about to expire, and instructed them to click on a malicious link.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Clicking on the link downloads a fake banking rewards app, which the Redmond team detected as carrying TrojanSpy:AndroidOS\/Banker.O. When run, it asks the user to enable specific permissions, and then asks for the user&#8217;s credit card details to harvest along with all the other data it be instructed to steal. One hopes being asked for card information right off the bat is a red flag for most people.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Using open-source intelligence, the security researchers determined that the phony app&#8217;s command and control (C2) server is used by or linked to 75 other malicious Android applications, distributed as APK files.&nbsp;<\/p>\n<p>&#8220;Some of the malicious APKs also use the same Indian bank&#8217;s logo as the fake app that we investigated, which could indicate that the actors are continuously generating new versions to keep the campaign going,&#8221; the researchers <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/09\/21\/rewards-plus-fake-mobile-banking-rewards-apps-lure-users-to-install-info-stealing-rat-on-android-devices\/\" rel=\"nofollow\">noted<\/a> this week.<\/p>\n<div class=\"boxout\" readability=\"28.872180451128\">\n<p>In addition to pointing out malware in Android \u2013 an OS made by arch-rival Google \u2013 Microsoft also this week issued an out-of-band <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/en-US\/vulnerability\/CVE-2022-37972\" rel=\"nofollow\">security update<\/a> for a spoofing vulnerability in Microsoft Endpoint Configuration Manager.&nbsp;<\/p>\n<p>The hole, tracked as CVE-2022-37972, affects versions 2103 to 2207, and can be exploited to steal sensitive information, according to the US government&#8217;s CISA, which <a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/current-activity\/2022\/09\/21\/microsoft-releases-out-band-security-update-microsoft-endpoint\" rel=\"nofollow\">urged<\/a> folks to apply the fix.<\/p>\n<p>The bug received a 7.5 out of 10 CVSS severity score, and its details have already been publicly disclosed. Microsoft says exploitation is &#8220;less likely.&#8221; Still, it&#8217;s a low-complexity attack that&#8217;s publicly known, so it&#8217;s time to get patching.&nbsp;&nbsp;<\/p>\n<p>According to Redmond, the fix, <a href=\"https:\/\/learn.microsoft.com\/en-us\/mem\/configmgr\/hotfix\/2207\/15498768\" rel=\"nofollow\">KB15498768<\/a>, will be listed in the Updates and Servicing node of the Configuration Manager console.<\/p>\n<\/div>\n<p>Upon further analysis, Microsoft discovered the Android malware uses MainActivity, AutoStartService, and RestartBroadCastReceiverAndroid functions to conduct a raft of nefarious activities including intercepting calls, accessing and uploading call logs, messages, contacts, and network information, and modifying the Android device&#8217;s settings.&nbsp;<\/p>\n<p>These three functions also allow the app to continue spying on the victim&#8217;s phone and running in the background without any user interaction.<\/p>\n<p>Though the software nasty can receive and carry out a range of commands from its control server, one edict in particular \u2014 the silent command, which puts the device on silent mode \u2014 is rather dangerous because it allows the attacker to receive, steal, and delete messages without alerting the user.<\/p>\n<p>This is bad because banking apps often require 2FA, often sent through SMS. So by turning on the phone&#8217;s silent mode, the miscreants can steal these 2FA messages without the victim&#8217;s knowledge, thus allowing them to get into online banking accounts \u2013 once they have learned all the necessary credentials \u2013 and potentially drain them of money.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>According to the Windows giant&#8217;s security researchers:<\/p>\n<p>Microsoft&#8217;s team notes that the spyware encrypts all data it sends to its remote masterminds and decrypts the scrambled SMS commands it receives. This uses a combo of Base64 encoding\/decoding and AES encryption\/decryption methods.<\/p>\n<p>Additionally, the malware uses the open-source library <a href=\"https:\/\/socket.io\/\" rel=\"nofollow\">socket.io<\/a> to communicate with its C2 server.<\/p>\n<p>To prevent this and other info-stealing malware from wreaking havoc, the security researchers suggest downloading and installing apps only from official app stores. They also note Android users can keep the &#8220;Unknown sources&#8221; option disabled, which prevents potentially malicious sources from installing malware disguised as legitimate apps.<\/p>\n<p>As we&#8217;ve <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/04\/27\/microsoft-linux-vulnerability\/\" rel=\"noopener\">said before<\/a>, it&#8217;s nice that Microsoft is pointing out cybersecurity issues in other people&#8217;s code \u2013 raising awareness is good for users \u2013 but it&#8217;s strange to see Redmond making a song and dance about this sort of thing when it routinely downplays the scores of vulnerabilities it fixes in its own products every month. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2022\/09\/22\/microsoft_android_spyware_endpoint\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>While issuing an emergency patch for Endpoint Configuration Manager Data-stealing spyware disguised as a banking rewards app is targeting Android users, Microsoft&#8217;s security team has warned.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-48560","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-22T20:15:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws\",\"datePublished\":\"2022-09-22T20:15:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/\"},\"wordCount\":768,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/\",\"name\":\"Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2022-09-22T20:15:34+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/","og_locale":"en_US","og_type":"article","og_title":"Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-09-22T20:15:34+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws","datePublished":"2022-09-22T20:15:34+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/"},"wordCount":768,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/","url":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/","name":"Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2022-09-22T20:15:34+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/cybercrime&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Yy1ATZnEvAh6Kco@MoZphQAAAIY&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/check-out-this-android-spyware-says-microsoft-the-home-of-a-gazillion-windows-flaws\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Check out this Android spyware, says Microsoft, the home of a gazillion Windows flaws"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=48560"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48560\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=48560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=48560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=48560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}