A new Android malware called Fantasy Hub has been discovered by cybersecurity researchers. This malware is being sold as a full Malware-as-a-Service (MaaS) package on underground forums. It is designed to give hackers remote access to infected Android phones. The service is mainly promoted through Russian-speaking cybercrime channels.

Fantasy Hub works like a remote access trojan that can fully control a victim’s device. Once installed, it can steal SMS messages, contacts, call logs, and media files. It can also read notifications, send or delete messages, and even use the camera and microphone secretly. This gives attackers complete control over the phone.

The malware is being marketed as a professional toolkit for cybercriminals. Its creators provide fake app store pages, detailed video guides, and step-by-step setup instructions. Buyers can upload any legitimate Android app, and the system returns a modified version with the malware already embedded. Even beginners can use it easily.

One of the most dangerous capabilities of Fantasy Hub is stealing banking information. It can create fake login screens that look exactly like popular banking apps, so victims unknowingly enter their account details and passwords. The malware can also intercept SMS-based two-factor authentication codes, making financial theft easier.

Fantasy Hub’s entire operation is run through Telegram, which acts as its control center. A Telegram bot helps buyers manage their subscriptions, build custom versions of the malware, and receive stolen data. This makes the whole process automated and simple for hackers who rent the service.

The malware spreads mainly through fake websites and phishing pages that mimic trusted apps. Some versions even appear as fake Google Play updates to trick users. Once permissions are granted, it gains full access to messages, notifications, and device storage. The infection happens silently in the background.

Security experts have warned that Fantasy Hub could be a serious threat to both individuals and organizations. It targets mobile banking users and employees who use personal phones for work. A single infected device can expose sensitive personal or financial data to criminals. The malware’s ease of use makes it even more dangerous.

To stay safe, users should only download apps from official stores and trusted sources. Avoid granting unnecessary permissions like SMS or notification access. Keep your Android device updated with the latest security patches. Using strong authentication methods beyond SMS-based codes can also reduce the risk of attack.
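The advice above can be turned into a triage check over an app inventory. This is an added example, not from the original article: it flags apps installed outside a trusted store that hold SMS or notification access, the combination that exposes one-time codes. The record format (`package`, `installer`, `granted`, `notification_listener`) and the sample records are assumptions constructed for illustration; the permission names and the Google Play installer package name are the real Android ones.

```python
# Added example: triage an app inventory for the permission mix described above.
# The inventory format and the sample records are constructed for illustration.

TRUSTED_INSTALLERS = {"com.android.vending"}  # Google Play; extend for a managed store

# Real Android permission names, grouped by the capability they unlock.
CAPABILITIES = {
    "sms": {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS",
            "android.permission.SEND_SMS"},
    "contacts": {"android.permission.READ_CONTACTS"},
    "call_log": {"android.permission.READ_CALL_LOG"},
    "camera": {"android.permission.CAMERA"},
    "microphone": {"android.permission.RECORD_AUDIO"},
}

def capabilities(app):
    """Return the sorted capability names an app record currently holds."""
    granted = set(app.get("granted", []))
    caps = {name for name, perms in CAPABILITIES.items() if granted & perms}
    if app.get("notification_listener"):  # notification access is a separate user toggle
        caps.add("notifications")
    return sorted(caps)

def audit(inventory):
    """Flag apps installed outside trusted stores that can read SMS or notifications."""
    findings = []
    for app in inventory:
        caps = capabilities(app)
        sideloaded = app.get("installer") not in TRUSTED_INSTALLERS
        reads_otp = "sms" in caps or "notifications" in caps
        if sideloaded and reads_otp:
            findings.append({"package": app["package"], "capabilities": caps})
    # Broadest access first, then by package name for stable output.
    return sorted(findings, key=lambda f: (-len(f["capabilities"]), f["package"]))

SAMPLE_INVENTORY = [  # constructed records
    {"package": "com.example.bank", "installer": "com.android.vending",
     "granted": ["android.permission.CAMERA"], "notification_listener": False},
    {"package": "com.example.updater", "installer": None,
     "granted": ["android.permission.READ_SMS", "android.permission.READ_CONTACTS",
                 "android.permission.RECORD_AUDIO"], "notification_listener": True},
    {"package": "com.example.game", "installer": None,
     "granted": ["android.permission.CAMERA"], "notification_listener": False},
    {"package": "com.example.messenger", "installer": "com.android.vending",
     "granted": ["android.permission.READ_SMS"], "notification_listener": True},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_INVENTORY):
        print(finding["package"], ", ".join(finding["capabilities"]))
```

A flagged app is a candidate for review, not a verdict: a sideloaded app with a legitimate need for SMS access will also appear.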

Stay alert, and keep your security measures updated!

Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news