2012, Malware and Spyware - Cyber Security Informer

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Security Affairs

MARCH 13, 2025

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence.

Spyware

Spyware Surveillance Encryption Malware

Dark Caracal: Global Espionage Malware from Lebanon

Schneier on Security

JANUARY 22, 2018

The EFF and Lookout are reporting on a new piece of spyware operating out of Lebanon. From the Lookout announcement: Dark Caracal has operated a series of multi-platform campaigns starting from at least January 2012, according to our research. The campaigns span across 21+ countries and thousands of victims.

Malware

Malware Spyware Manufacturing Mobile

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. ” reads the post published by Amnesty International. .

Spyware

Spyware Government Surveillance Phishing

Hackers exploit old Microsoft Vulnerability to drop Zloader Malware

CyberSecurity Insiders

JANUARY 5, 2022

Hackers are found inducing Zloader Malware into Windows machines since November last year and reports are in that the malicious software tool has already targeted over 2,848 victims from 111 countries so far. Highly placed sources say that the malware has been distributed via phishing campaign by a cyber threat group named MalSmoke.

Malware

Malware Spyware Antivirus Cyber threats

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Security Affairs

SEPTEMBER 24, 2023

Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns. In 2016, researchers from the non-profit organization CitizenLab published a report that describes a campaign of targeted spyware attacks carried out by the Stealth Falcon.

Malware

Malware Spyware Architecture Encryption

Mobile malware evolution 2020

SecureList

MARCH 1, 2021

The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. More on that later.

Mobile

Mobile Malware Adware Banking

School Gives Malware Infected Laptops to Students

SecureWorld News

JANUARY 23, 2021

Unfortunately, a number of the laptops sent out were discovered to have malware. English students' laptops infected with malware. They say the malware appears to have been contacting Russian servers and has been found in a handful of schools. Reports on the malware have indicated that the Windows laptops contained Gamarue.I,

Malware

Malware Education Spyware Government

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Security Affairs

AUGUST 23, 2019

Malware researchers at Trend Micro discovered a new variant of the Asruex Trojan that exploits old Microsoft Office and Adobe vulnerabilities to infect Windows and Mac systems. Asruex first appeared in the threat landscape 2015, researchers linked it to the spyware used by the DarkHotel APT group. EBSS section. Pierluigi Paganini.

Malware

Malware Advertising Spyware Encryption

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

Security Affairs

SEPTEMBER 9, 2019

ESET researchers discovered a new malware associated with the Stealth Falcon APT group that abuses the Windows BITS service to stealthy exfiltrate data. Security researchers from discovered a new malware associated with the Stealth Falcon cyber espionage group that abuses the Windows BITS service to stealthy exfiltrate data.

Malware

Malware Advertising System Administration Spyware

Amnesty International employee targeted with NSO group surveillance malware

Security Affairs

AUGUST 1, 2018

An employee at Amnesty International has been targeted with Israeli surveillance malware, the news was revealed by the human rights group. Amnesty International revealed that one of its employees was targeted with a surveillance malware developed by an Israeli firm. Year(s) in which spyware infection was attempted.

Surveillance

Surveillance Malware Spyware Mobile

APT trends report Q3 2022

SecureList

NOVEMBER 1, 2022

Since the malware in this incident was compiled on April 15, 2021, and compilation dates are the same for all known samples, this incident is likely to be the first involving Maui ransomware. This report included technical details of malware used in the campaign, such as Ecipekac, SodaMaster, P8RAT, FYAnti and QuasarRAT.

Malware

Malware Ransomware Spyware Encryption

Security Affairs newsletter Round 235

Security Affairs

OCTOBER 13, 2019

PoS malware infections impacted four restaurant chains in the U.S. Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware. Attor malware was developed by one of the most sophisticated espionage groups. Ops, popular iTerm2 macOS Terminal App is affected by a critical RCE since 2012.

VPN

VPN Advertising Data breaches Spyware

China-linked APT41 group targets telecommunications companies with new backdoor

Security Affairs

OCTOBER 31, 2019

China-linked APT41 group is targeting telecommunications companies with a new piece of malware used to spy on text messages of highly targeted individuals. ” The APT41 has been active since at least 2012, it was involved in both state-sponsored espionage campaigns and financially-motivated attacks since 2014. .”

Telecommunications

Telecommunications Malware Advertising Mobile

The Prevalence of DarkComet in Dynamic DNS

Security Boulevard

AUGUST 6, 2024

They can simply update the DNS records to point to a new IP address, ensuring continuous communication with their malware. We then identified which domains were malicious by cross-referencing this data against our malware data to determine which have been used this year in command and control.

DNS

DNS Malware Social Engineering Engineering

NSO mobile Pegasus Spyware used in operations in 45 countries

Security Affairs

SEPTEMBER 18, 2018

A new report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. A new investigation of the Citizen Lab revealed that the powerful Pegasus mobile spyware was used against targets across 45 countries around the world over the last two years. COUNTRY NEXUS.

Spyware

Spyware Mobile Surveillance DNS

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

After being released in 2003, he uses WiFi to commit attacks, program malware and steal credit card information. 2008 — Heartland Payment Systems — 134 million credit cards are exposed through SQL injection to install spyware on Heartland’s data systems. 1998-2007 — Max Butler — Max Butler hacks U.S. east coast.

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

Advanced threat predictions for 2023

SecureList

NOVEMBER 14, 2022

This reveals a likely blind spot for defenders and endpoint vendors: in a number of cases, perhaps even the majority, attackers have no need for 0-days and malware deployment to gain access to the information they need. SIGINT-delivered malware. More APT groups will move from CobaltStrike to other alternatives.

Firmware

Firmware Surveillance Mobile Telecommunications

Cyber Security Informer

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Dark Caracal: Global Espionage Malware from Lebanon

Trending Sources

APT32 state hackers target human rights defenders with spyware

Hackers exploit old Microsoft Vulnerability to drop Zloader Malware

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Mobile malware evolution 2020

School Gives Malware Infected Laptops to Students

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

Amnesty International employee targeted with NSO group surveillance malware

APT trends report Q3 2022

Security Affairs newsletter Round 235

China-linked APT41 group targets telecommunications companies with new backdoor

The Prevalence of DarkComet in Dynamic DNS

NSO mobile Pegasus Spyware used in operations in 45 countries

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Advanced threat predictions for 2023

Stay Connected