North Korean Spies DM You On Facebook

Android Mirax RAT, North Korea's Friend-Request Hacks, Adobe PDF Zero-Day, and FBI Phishing Takedown | Cybersecurity Today

David Shipley covers multiple trust-based cyber threats: Mirax Android malware pushed via Meta ads posing as free streaming apps, functioning as a remote access trojan and turning infected phones into residential proxies, amid reports of widespread scam advertising on Meta platforms. Researchers link a North Korean APT37 campaign to Facebook friend requests that shift to Messenger and Telegram before delivering a tampered PDF viewer that installs Rock Rat and exfiltrates data via Zoho WorkDrive. Adobe issues an emergency patch for an Acrobat/Reader zero-day where opening a PDF can expose files, seen targeting oil and gas with Russian-language lures. The FBI and Indonesian authorities dismantle the Wall phishing marketplace designed to bypass MFA via session-cookie theft, as similar services quickly rebound. The FBI reports Americans lost nearly $21B to cybercrime in 2025, driven by investment and crypto fraud, with growing AI-enabled scams.

00:00 Headlines And Sponsor 00:57 Mirax Android Proxy Malware 02:47 Meta Scam Ad Machine 05:01 North Korea Friend Request Hack 07:44 Adobe Acrobat Zero Day Patch 10:11 FBI Wall Phishing Kit Takedown 12:28 Why Takedowns And MFA Fall Short 15:02 Cybercrime Losses Hit $21B 18:16 Wrap Up And Thanks 18:55 Meter Sponsor Message