{"id":52708,"date":"2023-07-11T14:39:42","date_gmt":"2023-07-11T14:39:42","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34787\/Clever-Letscall-Vishing-Malware-Targets-Android-Phones.html"},"modified":"2023-07-11T14:39:42","modified_gmt":"2023-07-11T14:39:42","slug":"clever-letscall-vishing-malware-targets-android-phones","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/","title":{"rendered":"Clever Letscall Vishing Malware Targets Android Phones"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/07\/mobile-malware.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>A sophisticated voice-based phishing malware is targeting Android handsets and bilking private financial data from targets, part of a trend raking in millions of dollars of profits using vishing attack techniques. Unlike typical and simple vishing scams, these attacks hijack handsets, implants pre-recorded voice messages and re-routs calls to scammer call centers.<\/p>\n<p>A recent analysis of the vishing campaign by researchers maps out how the malware works and traces it to a group of malicious Android apps. Once victims are tricked into installing the malware, adversaries are able to launch a series of <a href=\"https:\/\/www.scmagazine.com\/news\/social-engineering\/nearly-half-of-organizations-experienced-a-vishing-or-social-engineering-attack-in-the-last-year\" target=\"_blank\" rel=\"noreferrer noopener\">voice-based phishing<\/a> scams.<\/p>\n<p>The unknown threat actor responsible for the malware is currently targeting victims in South Korea but the researchers believe the package could be easily adapted to operate in any country, and sold on the dark web as a service.<\/p>\n<p>In a <a href=\"https:\/\/www.threatfabric.com\/blogs\/letscall-new-sophisticated-vishing-toolset\">report<\/a> post last week, researchers at ThreatFabric said they identified the malicious app Letscall during their regular threat-hunting activities. The malware, they said, is particularly effective for harvesting personal information and carrying out financial scams.<\/p>\n<p>Once infected, threat actors can take control of the device\u2019s calling function, allowing them to make spoofed calls pretending to be from a financial institution, or to divert calls to their own call center when the victim tries to phone their bank.<\/p>\n<h2>Scam calls are big business<\/h2>\n<p>\u201cIn case the victim notices some unusual activity, the attacker will call the victim, posing as a member of the Bank security team, and reassure the victim that there is nothing to worry about,\u201d the researchers wrote.<\/p>\n<p>ThreatFabric found audio files embedded in the malware that mimicked the greetings a caller would hear if they phoned particular banks. These audio files would be played as the app diverted a call to the threat actor\u2019s call center when the victim attempted to call their bank.<\/p>\n<p>\u201cA well-prepared operator [at the fake call center] will answer the call in case the victim decides to contact the bank and ask questions related to suspicious activity,\u201d the researchers said.<\/p>\n<p>\u201cWith this Modus Operandi, attackers may also ask the victim for additional details that could help them in their criminal activities and complete the fraudulent money transfer.\u201d<\/p>\n<p>Similar malware, also targeting victims in South Korean, was <a href=\"https:\/\/research.checkpoint.com\/2023\/south-korean-android-banking-menace-fakecalls\/\" target=\"_blank\" rel=\"noreferrer noopener\">analyzed by Check Point<\/a> who said voice phishing attacks had a long history in the country. According to a government report, voice phishing scams cost South Koreans approximately $600 million in 2020 and impacted up to 170,000 people between 2016 and 2020.<\/p>\n<h2>How phones are infected<\/h2>\n<p>The Letscall infection begins when a victim visits a phishing website that imitates a page on the Google Play Store, where clicking on a link downloads the first stage of the malware onto their phone. ThreatFabric said it was unclear how victims were persuaded to visit the phishing site although it was likely malicious SEO techniques, or a spam-based social engineering ruse was used.<\/p>\n<p>Among the mimicked sites the researchers discovered were two for loan comparison aggregator services.<\/p>\n<p>\u201cEach page will trick the victim to type in sensitive information, such as Resident registration number (or ID), phone number, home address, salary size, and employer name. That input data will be automatically sent to the attackers,\u201d the report said.<\/p>\n<p>\u201cThe same data is supposed to be typed into the original web page of the loan aggregator. We can say with high confidence that attackers will either use the exfiltrated data to fill a similar form on the legitimate website to request a loan, or it might also be possible that the phishing page is acting as a proxy between the victim and loan aggregator page.\u201d<\/p>\n<p>The second and third stage of the infection involved the installation of a powerful spyware application used to exfiltrate data and enroll the device into a peer-to-peer (P2P) voice over IP communication and messaging service, Zegocloud.<\/p>\n<p>\u201cSuch functionality is needed to perform P2P voice\/video connection between the call-centre operator and victim, and the same channel is also used for C2 (command-and-control) communication with many different commands,\u201d the researchers said.<\/p>\n<h2>The rise of vishing<\/h2>\n<p>While Letscall was observed targeting the South Korean market, ThreatFabric\u2019s researchers said there was nothing preventing the threat actors behind the malware from extending its scope into other countries.<\/p>\n<p>\u201cIn other words, we are dealing with a ready-to-use framework which could be used by any threat actor, as it contains all instructions and tools on how to operate the affected devices and how to communicate with the victims,\u201d the researchers said.<\/p>\n<p>\u201cIt is clear that technical features are as important as social engineering, which is confirmed by the attention the group dedicates to using fake Google Play pages, stolen logos of the existent Korean applications, combined with a new technique with nanoHTTPD to drop the payload,\u201d they wrote.<\/p>\n<p>\u201cFinally, the well-designed infrastructure that we observed during our analysis could potentially be used by phone operators speaking different languages. We predict that such a tool kit could be promoted as MaaS (Malware as a Service) on the Darkweb.\u201d<\/p>\n<p>To avoid infection from Letscall and other vishing malware, phone users should deny accessibility services access to any suspicious applications, the researchers said. \u201cWithout this permission, it will be much harder for criminals to act on the device.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34787\/Clever-Letscall-Vishing-Malware-Targets-Android-Phones.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":52709,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[6140],"class_list":["post-52708","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-packet-storm","tag-headlinemalwarephoneflawgoogle"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Clever Letscall Vishing Malware Targets Android Phones 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Clever Letscall Vishing Malware Targets Android Phones 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-11T14:39:42+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/07\/mobile-malware.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Clever Letscall Vishing Malware Targets Android Phones\",\"datePublished\":\"2023-07-11T14:39:42+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/\"},\"wordCount\":879,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/clever-letscall-vishing-malware-targets-android-phones.jpg\",\"keywords\":[\"headline,malware,phone,flaw,google\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/\",\"name\":\"Clever Letscall Vishing Malware Targets Android Phones 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/clever-letscall-vishing-malware-targets-android-phones.jpg\",\"datePublished\":\"2023-07-11T14:39:42+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/clever-letscall-vishing-malware-targets-android-phones.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/clever-letscall-vishing-malware-targets-android-phones.jpg\",\"width\":900,\"height\":481},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/clever-letscall-vishing-malware-targets-android-phones\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,malware,phone,flaw,google\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinemalwarephoneflawgoogle\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Clever Letscall Vishing Malware Targets Android Phones\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Clever Letscall Vishing Malware Targets Android Phones 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/","og_locale":"en_US","og_type":"article","og_title":"Clever Letscall Vishing Malware Targets Android Phones 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-07-11T14:39:42+00:00","og_image":[{"url":"https:\/\/files.scmagazine.com\/wp-content\/uploads\/2023\/07\/mobile-malware.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Clever Letscall Vishing Malware Targets Android Phones","datePublished":"2023-07-11T14:39:42+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/"},"wordCount":879,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/clever-letscall-vishing-malware-targets-android-phones.jpg","keywords":["headline,malware,phone,flaw,google"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/","url":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/","name":"Clever Letscall Vishing Malware Targets Android Phones 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/clever-letscall-vishing-malware-targets-android-phones.jpg","datePublished":"2023-07-11T14:39:42+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/clever-letscall-vishing-malware-targets-android-phones.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/07\/clever-letscall-vishing-malware-targets-android-phones.jpg","width":900,"height":481},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/clever-letscall-vishing-malware-targets-android-phones\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,malware,phone,flaw,google","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinemalwarephoneflawgoogle\/"},{"@type":"ListItem","position":3,"name":"Clever Letscall Vishing Malware Targets Android Phones"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52708","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52708"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52708\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/52709"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52708"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52708"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52708"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}