"Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting "active senior trips." Some of the other territories targeted by the threat actors include Singapore, Malaysia, Canada, South Africa, and the U.K. The campaigns, it added, specifically focused on elderly people looking for social activities, trips, in-person meetings, and similar events. These Facebook groups have been found to share artificial intelligence (AI)-generated content, claiming to organize various activities for seniors."
"Should prospective targets express willingness to participate in these events, they are subsequently approached via Facebook Messenger or WhatsApp, where they are asked to download an APK file from a fraudulent link (e.g., "download.seniorgroupapps[.]com"). "The fake websites prompted visitors to install a so-called community application, claiming it would allow them to register for events, connect with members, and track scheduled activities," ThreatFabric said in a report shared with The Hacker News."
Datzbro is a previously undocumented Android banking trojan capable of conducting device takeover (DTO) attacks and facilitating fraudulent transactions. The campaign targets elderly people via Facebook groups promoting senior activities, using AI-generated posts to lure victims. Communication continues via Facebook Messenger or WhatsApp, where victims are urged to download APKs from fraudulent sites like download.seniorgroupapps[.]com. Websites prompt installation of a "community application" and contain iOS download placeholders, with attackers distributing TestFlight apps. The Android malware is deployed directly or via a Zombinder-built dropper to bypass Android 13+ security.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]