{“lastseen”:”2025-11-10T14:05:07″,”description”:”Researchers at Zimperium identified Fantasy Hub, a new Android spyware developed and sold as a subscription on Russian-language cybercrime forums.\\n\\nMalware-as-a-Service (MaaS) means cybercriminals rent out to malware to other criminals, complete with the infrastructure necessary to harvest and abuse stolen information. Usually, it’s up to the buyer to spread the malware, but Fantasy Hub goes a step further\u2014it comes with full documentation, video tutorials, and a subscription model that makes it easy for even inexperienced attackers to use. Its creators provide step-by-step guides to create fake Google Play pages that imitate apps like Telegram or online banking portals, complete with realistic reviews. It’s a Remote Access Trojan (RAT) that anyone can distribute.\\n\\nDistribution relies heavily on social engineering and phishing. Attackers use Fantasy Hub\u2019s templates and tools to set up convincing fake app pages, tricking users into downloading the malicious software. A \u201cdropper\u201d option even lets buyers upload any Android app APK and get back a modified version with Fantasy Hub added.\\n\\nThese counterfeit apps look legitimate, and often request only a single permission: SMS access. But that permission unlocks much more. The SMS handler role bundles multiple powerful permissions: contacts, camera, and file access into a single authorization step, unlocking extensive control over the device\u2019s messaging, contacts, and camera functions. Fantasy Hub is designed to bypass standard security checks and can remain concealed, making detection difficult for users.\\n\\n## What can it do?\\n\\nOnce installed, Fantasy Hub can steal SMS messages, call logs, contacts, photos, and videos. It can also intercept, reply to, and delete notifications. More dangerously, it can initiate live audio and video streams using the device\u2019s camera and microphone without the user\u2019s consent. It’s been found in imitation banking apps, displaying fake windows to harvest user credentials such as usernames, PINs, and passwords. As part of the handy pack provided by Fantasy Hub’s creators, attackers are given tools to tailor these phishing windows for almost any banking app they wish to target.\\n\\nWhile individuals at at risk from this malware, the threat extends to organizations that use Bring Your Own Device (BYOD) policies or rely on mobile banking and work apps. A single infected phone could expose company data or communications.\\n\\n## How to stay protected\\n\\nFantasy Hub shows how easily cybercriminals can now buy and run complex spyware. But a few simple habits can help you stay safe:\\n\\n * **Stick to trusted sources. **Download apps only from Google Play, Apple\u2019s App Store, or the official provider. Your bank will never ask you to use another source.\\n * **Protect your devices.** Use an up-to-date real-time anti-malware solution like Malwarebytes for Android, which already detects this malware.\\n * **Scrutinize permissions.** Does it really need the permissions it\u2019s requesting to do the job you want it to do? Especially if it asks for SMS or camera access.\\n * **Unsolicited communications.** Stay wary of messages, emails, or links urging you to \u201cupdate\u201d or install outside the official app stores.\\n\\n\\n\\n* * *\\n\\n**We don\u2019t just report on phone security\u2014we provide it**\\n\\nCybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.”,”published”:”2025-11-10T13:26:52″,”modified”:”2025-11-10T13:26:52″,”type”:”malwarebytes”,”title”:”Fantasy Hub is spyware for rent\u2014complete with fake app kits and support”,”source”:””,”references”:””,”id”:”MALWAREBYTES:C8DF401D1FFBA89D90A75F3C0F88020E”,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2025\/11\/fantasy-hub-is-spyware-for-rent-complete-with-fake-app-kits-and-support”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-11-10T14:05:07″,”description”:”Researchers at Zimperium identified Fantasy Hub, a new Android spyware developed and sold as a subscription on Russian-language cybercrime forums.\\n\\nMalware-as-a-Service (MaaS) means cybercriminals rent out…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-25411","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n