Method of infection: Water-holing
OSIRIS used a Social Engineering method called “water holing” to attack German IP addresses.
How does water holing attack work?
- The victim enters the infected website.
- The website checks if the target IP is German.
- If it’s a German IP – few evasion techniques are used to bypass EDR
- And then the virus connects to its command server through the Darknet
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW,
And see where your Company is Exposed to Hackers
Recently Posted on AUMINT.io Blog
Android 15 Is Still Vulnerable – How TapTrap Bypasses Every Defense
🚨 Android 15 Still Exposed – The Attack Nobody Saw Coming
⚠️ Imagine a zero-permission app silently hijacking your taps. No overlays. No SYSTEM_ALERT_WINDOW. No warnings.
📱 This is TapTrap – a groundbreaking attack that bypasses every Android tapjacking defense using UI animations instead of overlays.
💥 Here’s what makes it terrifying:
✅ Works on Android 15 – the latest version
✅ Grants camera, location, and notification access without you noticing
✅ Can escalate to full device wipe or browser-based clickjacking
✅ Exploits a flaw that doubles the attack window to 6 seconds
📊 We analyzed 99,705 Play Store apps:
✔ 76.3% are vulnerable
✔ User study: 100% of participants failed to spot it
🔍 Security indicators? Easily masked. Privacy Dashboard? Doesn’t show the malicious app.
If you manage mobile security for your org, this is a wake-up call. A single compromised device can leak corporate data, break MFA, and open doors for phishing.
Ready to see how this attack works and how to defend before it hits your business?
Book a free TapTrap security briefing now.
#CyberSecurity #Android #MobileSecurity #CISOs #CTOs #RiskManagement #AppSec