Human rights activists in Morocco and the Western Sahara region are the targets of a new threat actor that leverages phishing attacks to trick victims into installing bogus Android apps and serve credential harvesting pages for Windows users.
Cisco Talos is tracking the activity cluster under the name Starry Addax, describing it as primarily singling out activists associated with
A malicious campaign leveraged seemingly innocuous Android dropper apps on the Google Play Store to compromise users' devices with banking malware.
These 17 dropper apps, collectively dubbed DawDropper by Trend Micro, masqueraded as productivity and utility apps such as document scanners, QR code readers, VPN services, and call recorders, among others. All these apps in question have been