Summary is AI-generated, newsdesk-reviewed
  • zLabs discovers Fantasy Hub, an Android RAT offered as a Malware-as-a-Service (MaaS).
  • Spyware features include SMS theft, live audio streaming, and fake banking windows.
  • Fantasy Hub lowers entry barriers with its subscription, automation, and detailed instructions.

zLabs researchers have revealed the emergence of Fantasy Hub, a sophisticated Android Remote Access Trojan (RAT) being offered on Russian-language platforms as a Malware-as-a-Service (MaaS) subscription.

This spyware package comes equipped with a comprehensive array of espionage and device-control capabilities, including the theft of SMS, contacts, and call logs, as well as the ability to stream live audio and video and deploy fake banking windows to capture user credentials.

Turnkey MaaS Service

Fantasy Hub distinguishes itself from standalone malware kits by providing a complete service for subscribers. It includes seller documentation, instructional videos, and a subscription bot hosted on Telegram.

This approach allows even those with limited expertise to deploy advanced spyware by cloning Google Play pages, icons, and app names.

Subscribers can easily imitate well-known services like Telegram to deceive individuals into downloading malware-laden applications.

Lowering Barriers and Targeting Financial Data

The subscription-based structure of Fantasy Hub simplifies entry by offering documentation, bot management, and automated creation options. Primarily targeting financial data, the spyware impersonates banks such as Alfa, PSB, Tbank, and Sber, aiming to acquire users' mobile banking credentials.

Additionally, it abuses SMS privileges, exploiting Android’s default SMS handler role to discreetly intercept two-factor authentication messages and forward their content undetected.
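
Because the interception described above depends on holding the default SMS handler role, one triage step when vetting apps for BYOD devices is to check whether an APK's manifest declares every component Android requires for that role. This is an added example, not code from zLabs or the original article; it assumes the manifest has already been decoded to text XML (for example with apktool), and `com.example.updater`, the `triage` helper and the allowlist are hypothetical names.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Components Android requires before an app can be chosen as default SMS handler:
# (component tag, intent action, permission the component must require, if any)
REQUIRED = [
    ("receiver", "android.provider.Telephony.SMS_DELIVER", "android.permission.BROADCAST_SMS"),
    ("receiver", "android.provider.Telephony.WAP_PUSH_DELIVER", "android.permission.BROADCAST_WAP_PUSH"),
    ("activity", "android.intent.action.SENDTO", None),
    ("service", "android.intent.action.RESPOND_VIA_MESSAGE", "android.permission.SEND_RESPOND_VIA_MESSAGE"),
]

def sms_role_components(root):
    """Return the required intent actions that the parsed manifest actually declares."""
    found = set()
    for tag, action, perm in REQUIRED:
        for comp in root.iter(tag):
            declared = {a.get(ANDROID + "name") for a in comp.iter("action")}
            if action in declared and perm in (None, comp.get(ANDROID + "permission")):
                found.add(action)
    return found

def triage(manifest_xml, messaging_allowlist=frozenset()):
    """Flag a package that can take the default SMS role but is not an approved messaging app."""
    root = ET.fromstring(manifest_xml)
    found = sms_role_components(root)
    eligible = len(found) == len(REQUIRED)
    return {
        "package": root.get("package"),
        "eligible_for_sms_role": eligible,
        "flag": eligible and root.get("package") not in messaging_allowlist,
        "missing": sorted({action for _, action, _ in REQUIRED} - found),
    }

# Constructed sample: an "updater" app that declares every default-SMS-handler component.
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.updater">
<application>
<receiver android:permission="android.permission.BROADCAST_SMS"><intent-filter><action android:name="android.provider.Telephony.SMS_DELIVER"/></intent-filter></receiver>
<receiver android:permission="android.permission.BROADCAST_WAP_PUSH"><intent-filter><action android:name="android.provider.Telephony.WAP_PUSH_DELIVER"/></intent-filter></receiver>
<activity><intent-filter><action android:name="android.intent.action.SENDTO"/></intent-filter></activity>
<service android:permission="android.permission.SEND_RESPOND_VIA_MESSAGE"><intent-filter><action android:name="android.intent.action.RESPOND_VIA_MESSAGE"/></intent-filter></service>
</application>
</manifest>"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A flagged package is only a candidate for review: legitimate messaging apps declare the same components, which is why the allowlist of approved messaging packages is part of the check.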

Advanced Evasion and Commoditization

Fantasy Hub evades detection by masquerading as a Google Play update and checking the device environment to avoid analysis.

This MaaS framework indicates how mobile spyware is being commoditized, enabling campaigns that threaten financial institutions and enterprise environments supporting Bring Your Own Device (BYOD) policies.

"Fantasy Hub shows how professionalized seller support is turning complex spyware into accessible services," emphasized Vishnu Pratapagiri, a researcher at zLabs. "Organizations must assume even legitimate-looking apps could hide malicious droppers capable of intercepting authentication and sensitive data."
