Malicious apps masquerading as Google Chrome, Enterprise Europe, and NordVPN created with the Zombinder APK service have been used to deploy Octo2, which also featured a Domain Generation Algorithm-based command-and-control system that increased its resistance to attempted takedowns, a report from ThreatFabric revealed.