Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

GoldFactory Southeast Asia mobile fraud campaign using modified banking apps

Campaign
First reported
Last updated
Happening score
H score 38
1 unique sources, 1 articles

Summary

Hide ▲

GoldFactory has launched a fresh mobile fraud campaign against users in Indonesia, Thailand, and Vietnam, using government impersonation and modified banking apps to spread Android malware. The operation has been active since October 2024 and has already produced thousands of infections. By combining phone lures, messaging-app delivery, and fake app pages, the group is scaling remote-control fraud across the region.

Related Happenings

Grandoreiro DLL side-loading campaign targeting banks in Portugal

Campaign
First: 27.05.2026 19:10 Last: 27.05.2026 19:10 Sources 1

About this happening: **Grandoreiro** is running a new **DLL side-loading** campaign against **banks in Portugal**, extending a long-lived banking-malware operation into **2026**. The latest wave uses...

Open Happening

Trapdoor Android malvertising and ad-fraud campaign

Campaign
First: 19.05.2026 19:38 Last: 19.05.2026 19:38 Sources 1

About this happening: The **Trapdoor** campaign is a **self-sustaining malvertising and ad-fraud operation** targeting **Android users** and turning app installs into revenue through threat-actor-contr...

Open Happening

AI-driven attack surge against customer-facing mobile apps in 2026

Target Trend
First: 19.05.2026 15:00 Last: 19.05.2026 15:00 Sources 1

About this happening: **Customer-facing mobile apps** faced a sharp rise in attacks in **2026**, with **87%** of monitored apps hit versus **55% in 2022**. The trend matters because **agentic AI** is l...

Open Happening

CallPhantom Google Play fraud campaign targeting Android users in India and Asia-Pacific

Campaign
First: 08.05.2026 18:08 Last: 08.05.2026 18:08 Sources 1

About this happening: The **CallPhantom** fraud campaign pushed **28 fake call-history Android apps** through the **Google Play Store**, causing **financial loss** for users who paid for fabricated dat...

Open Happening

Perseus IPTV-lure distribution campaign targeting Europe and the Middle East

Campaign
First: 19.03.2026 14:43 Last: 19.03.2026 14:43 Sources 1

About this happening: The **Perseus** distribution campaign is actively pushing **Android malware** through **phishing sites** and **IPTV-lure apps**, increasing the risk of **device takeover** and **f...

Open Happening

Timeline

  1. 04.12.2025 11:27 2 articles · 5mo ago

    GoldFactory Southeast Asia mobile fraud campaign disclosed

    Initial Disclosure

    GoldFactory is targeting mobile users in Indonesia, Thailand, and Vietnam with modified banking applications that impersonate government services and redirect victims to fake Google Play Store-style pages, while Group-IB identified more than 300 unique samples tied to almost 2,200 infections in Indonesia and at least 11,000 infections overall.

    Show sources
    Open in new tab