Summary is AI-generated, newsdesk-reviewed
  • zLabs discovers Fantasy Hub, an Android RAT offered as a Malware-as-a-Service (MaaS).
  • Spyware features include SMS theft, live audio streaming, and fake banking windows.
  • Fantasy Hub lowers entry barriers with its subscription, automation, and detailed instructions.

zLabs researchers have revealed the emergence of Fantasy Hub, a sophisticated Android Remote Access Trojan (RAT) being offered on Russian-language platforms as a Malware-as-a-Service (MaaS) subscription.

This spyware package comes equipped with a comprehensive array of espionage and device-control capabilities, including the theft of SMS, contacts, and call logs, as well as the ability to stream live audio and video and deploy fake banking windows to capture user credentials.

Turnkey MaaS Service

Fantasy Hub distinguishes itself from standalone malware kits by providing a complete service for subscribers. It includes seller documentation, instructional videos, and a subscription bot hosted on Telegram.

This approach allows even those with limited expertise to deploy advanced spyware by cloning Google Play pages, icons, and app names.

Subscribers can imitate well-known services like Telegram to deceive individuals into downloading malware-laden applications.

Lowering Barriers and Targeting Financial Data

The subscription-based structure of Fantasy Hub simplifies entry by offering documentation, bot management, and automated creation options. Primarily targeting financial data, the spyware impersonates banks such as Alfa, PSB, Tbank, and Sber, aiming to acquire users' mobile banking credentials.

Additionally, it abuses SMS-related privileges, exploiting Android’s default SMS handler role to discreetly intercept two-factor authentication messages and forward their content undetected.
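For BYOD app vetting, the default SMS handler abuse described above can be screened for statically. The following is an added example, not code from zLabs or the original article: it checks a decoded AndroidManifest.xml for the four components Android requires of a default SMS app. The allowlist, package names and sample manifest are constructed assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Components Android requires before an app can be made the default SMS handler,
# as (component tag, intent action) pairs.
REQUIRED = {
    ("receiver", "android.provider.Telephony.SMS_DELIVER"),
    ("receiver", "android.provider.Telephony.WAP_PUSH_DELIVER"),
    ("activity", "android.intent.action.SENDTO"),
    ("service", "android.intent.action.RESPOND_VIA_MESSAGE"),
}
# Hypothetical allowlist of messaging apps approved for the device fleet.
APPROVED_SMS_APPS = {"com.google.android.apps.messaging"}

# Constructed sample: an "updater" that declares the full SMS-handler surface.
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
  package="com.example.updater"><application>
<receiver><intent-filter><action android:name="android.provider.Telephony.SMS_DELIVER"/></intent-filter></receiver>
<receiver><intent-filter><action android:name="android.provider.Telephony.WAP_PUSH_DELIVER"/></intent-filter></receiver>
<activity><intent-filter><action android:name="android.intent.action.SENDTO"/></intent-filter></activity>
<service><intent-filter><action android:name="android.intent.action.RESPOND_VIA_MESSAGE"/></intent-filter></service>
</application></manifest>"""

def sms_handler_components(manifest_xml):
    """Return (package, set of required default-SMS components declared)."""
    root = ET.fromstring(manifest_xml)
    found = set()
    for comp in root.iter():
        if comp.tag not in ("receiver", "activity", "service"):
            continue
        for action in comp.iterfind("intent-filter/action"):
            key = (comp.tag, action.get(ANDROID + "name"))
            if key in REQUIRED:
                found.add(key)
    return root.get("package"), found

def triage(manifest_xml):
    """'ok' = no SMS surface or approved app, 'review' = partial, 'flag' = full."""
    package, found = sms_handler_components(manifest_xml)
    if package in APPROVED_SMS_APPS or not found:
        return "ok"
    return "flag" if found == REQUIRED else "review"

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A "flag" result means the app can request the default SMS role, which warrants manual review when the app's stated purpose has nothing to do with messaging.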

Advanced Evasion and Commoditization

Fantasy Hub employs sophisticated evasive maneuvers by masquerading as a Google Play update, vigilantly assessing device environments to circumvent analysis and detection.

This MaaS framework indicates how mobile spyware is being commoditized, enabling campaigns that threaten financial institutions and enterprise environments supporting Bring Your Own Device (BYOD) policies.

"Fantasy Hub shows how professionalized seller support is turning complex spyware into accessible services," emphasized Vishnu Pratapagiri, a researcher at zLabs. "Organizations must assume even legitimate-looking apps could hide malicious droppers capable of intercepting authentication and sensitive data."
