2016, Malware and Spyware - Cyber Security Informer

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Security Affairs

MARCH 13, 2025

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. Kaspersky first documented the operations of the group in 2016. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence.

Spyware

Spyware Surveillance Encryption Malware

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. An advertisement for Orcus RAT. Several former customers of his took to Hackforums[.]net

Malware

Malware Advertising Marketing System Administration

Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs

The Hacker News

SEPTEMBER 23, 2022

A new wave of a mobile surveillance campaign has been observed targeting the Uyghur community as part of a long-standing spyware operation active since at least 2015, cybersecurity researchers disclosed Thursday.

Spyware

Spyware Mobile Surveillance Malware

Pegasus Project – how governments use Pegasus spyware against journalists

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware

Spyware Government Surveillance Media

Beware the Cyber Ghouls: Spooky Threats Lurking in Digital Shadows

SecureWorld News

OCTOBER 31, 2024

Spooky fact : The infamous Mirai botnet attack in 2016 turned more than 600,000 IoT devices into cyber zombies, leading to one of the most significant DDoS attacks in history. Vampire malware: draining systems dry This malware creeps in undetected, draining resources and stealing data in the dark.

IoT

IoT Phishing DDOS Backups

Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware

Spyware Malware Mobile Marketing

Apple Patches Vulnerabilities in iOS Exploited by Spyware

eSecurity Planet

SEPTEMBER 14, 2021

Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal ). operating system was being exploited by the invasive Pegasus spyware.

Spyware

Spyware Mobile Engineering Government

Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal

eSecurity Planet

JULY 21, 2021

Reports that the NSO Group’s Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives is becoming a global controversy for NSO, Apple and a number of governments at the center of the scandal. Spyware is Evolving. Apple Under Fire.

Spyware

Spyware Mobile Government Surveillance

Exodus, a government malware that infected innocent victims

Security Affairs

MARCH 30, 2019

Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. The malware was tracked as Exodus, after the name of the command and control servers the malicious apps connected to.

Government

Government Malware Spyware Surveillance

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware

Spyware Advertising Encryption Phishing

Mandrake, a high sophisticated Android spyware used in targeted attacks

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. ” continues the report.

Spyware

Spyware Malware Advertising Banking

Courts Hand Down Hard Jail Time for DDoS

Krebs on Security

JANUARY 14, 2019

Also last week, a 30-year-old in the United Kingdom was sentenced to 32 months in jail for using an army of hacked devices to crash large portions of Liberia’s Internet access in 2016. The Boston Globe reports that Gottesfeld and his wife in 2016 tried to flee to Cuba in a rented boat, but the trip didn’t go as planned.

DDOS

DDOS Internet Internet Spyware

North Korea-Linked APT Group Kimsuky spotted using new malware

Security Affairs

NOVEMBER 2, 2020

North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used Backdating, or timestomping to thwart analysis attempts (anti-forensics).

Malware

Malware Advertising Spyware Government

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Security Affairs

JULY 25, 2019

Researchers at Lookout discovered a new mobile spyware dubbed Monokle that was developed by a Russian defense contractor. Experts at Lookout discovered a new Android mobile spyware in the wild, dubbed Monokle, that was developed by a Russian defense contractor named Special Technology Centre Ltd. ( Presidential election.

Spyware

Spyware Surveillance Mobile Advertising

Types of Malware & Best Malware Protection Practices

eSecurity Planet

FEBRUARY 16, 2021

Malware, short for “malicious software,” is any unwanted software on your computer that, more often than not, is designed to inflict damage. Since the early days of computing, a wide range of malware types with varying functions have emerged. Best Practices to Defend Against Malware. Jump ahead: Adware. RAM scraper.

Malware

Malware Adware Spyware Antivirus

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. An advertisement for Orcus RAT. An advertisement for Orcus RAT.

Advertising

Advertising Malware Software Marketing

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Security Affairs

DECEMBER 12, 2024

The researchers analyzed multiple samples of the malware and gained access to internal documents obtained from open directories on attacker infrastructure. These documents suggest the existence of an iOS conversion of the spyware that has yet to be uncovered. a Chinese tech company founded in 2016 with fewer than 50 employees.

Surveillance

Surveillance Mobile Spyware Malware

Bitdefender spotted Triout, a new powerful Android Spyware Framework

Security Affairs

AUGUST 23, 2018

Security researchers from Bitdefender have spotted a new Android spyware framework dubbed Triout that could be used to create malware with extensive surveillance capabilities. The malware was likely spread through third-party marketplaces or domains controlled by the attackers that host the malicious code. Pierluigi Paganini.

Spyware

Spyware Surveillance Advertising Malware

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware

Security Affairs

OCTOBER 10, 2019

NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. The post Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware appeared first on Security Affairs. ” states the report.

Spyware

Spyware Surveillance Advertising Malware

New FurBall Android Malware Used to Spy on Iranian Citizens

SecureWorld News

OCTOBER 21, 2022

A new version of the Android malware "FurBall" has been discovered to be used by the threat actor(s) known as Domestic Kitten in a campaign targeting Iranian citizens in a mobile surveillance operation. Though it has the Google Play logo, the app is not available in the Google Play store and downloads directly from Domestic Kitten's server.

Malware

Malware Spyware Government Surveillance

BusyGasper spyware remained undetected for two years while spying Russians

Security Affairs

AUGUST 30, 2018

Security experts from Kaspersky Lab have uncovered a new strain of Android malware dubbed BusyGasper that remained hidden for two years. The BusyGasper Android spyware has been active since May 2016, it implements unusual features for this type of malware. ” reads the report published by Kaspersky.

Spyware

Spyware Malware Advertising Banking

Donot Team cyberespionage group updates its Windows malware framework

Security Affairs

AUGUST 21, 2022

The Donot Team threat actor, aka APT-C-35 , has added new capabilities to its Jaca Windows malware framework. The Donot Team has been active since 2016, it focuses on government and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries.

Malware

Malware Spyware Phishing Government

Swedish Government grants police the use of spyware against violent crime suspects

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. Criminal organizations leverage encrypted messaging services for their communications, for this reason the Government decided to authorize the use of surveillance spyware against suspects of violent crimes.

Spyware

Spyware Government Surveillance Encryption

A new sophisticated version of the AZORult Spyware appeared in the wild

Security Affairs

JULY 30, 2018

A new sophisticated version of the AZORult Spyware was spotted in the wild, it was involved in a large email campaign on July 18. Malware researchers at Proofpoint spotted a new version of the AZORult Spyware in the wild, it was involved in a large email campaign on July 18, just 24 hours it appeared in cybercrime forums on the Dark Web.

Spyware

Spyware Cryptocurrency Passwords Malware

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs

APRIL 28, 2020

The malware was an info stealer and according to the researchers, it was part of a long-term campaign, tracked as “PhantomLance” that has been active at least since December 2015. We informed Google of the malware, and it was removed from the market shortly after.” ” reads the analysis published by Kaspersky.

Malware

Malware Advertising Marketing Hacking

Domestic Kitten – An Iranian surveillance operation under the radar since 2016

Security Affairs

SEPTEMBER 9, 2018

. “Through the use of mobile applications, those behind the attack use fake decoy content to entice their victims to download such applications, which are in fact loaded with spyware, to then collect sensitive information about them.” ” reads the analysis published by CheckPoint. Pierluigi Paganini.

Surveillance

Surveillance Mobile Advertising Spyware

Mobile Phones of Politicians, Journalists, and members of Royal Families were targeted by Israeli Malware

CyberSecurity Insiders

JULY 18, 2021

And the post says that some hacktivists have somehow planted a spying malware on their phones respectively and are constantly spying on the targeted mobile activists. Note- The said malware could target users using Android or Apple iPhones and could spread through messaging apps such as WhatsApp and Telegram.

Mobile

Mobile Malware Spyware Surveillance

Unique Monokle Android Spyware Self-Signs Certificates

Threatpost

JULY 24, 2019

Researchers have linked the surveillance tool to a Russian tech firm that has been sanctioned for interfering with the 2016 U.S. presidential election.

Spyware

Spyware Surveillance Technology Mobile

Experts spotted the iOS version of the Exodus surveillance app

Security Affairs

APRIL 9, 2019

In the last weeks, a new Android surveillance malware dubbed Exodus made the headlines, now expert found the iOS version of the government spyware. Exodus for Android is a three-stage malware, the first is a small dropper that collected basic device information (i.e. on Feb 28, 2016.” to eSurv S.R.L.

Surveillance

Surveillance Spyware Phishing Malware

Amnesty International employee targeted with NSO group surveillance malware

Security Affairs

AUGUST 1, 2018

An employee at Amnesty International has been targeted with Israeli surveillance malware, the news was revealed by the human rights group. Amnesty International revealed that one of its employees was targeted with a surveillance malware developed by an Israeli firm. Year(s) in which spyware infection was attempted. 2012-2014.

Surveillance

Surveillance Malware Spyware Mobile

Russia-linked APT groups exploited Lithuanian infrastructure to launch attacks

Security Affairs

MARCH 7, 2021

In December 2016, Lithuania blamed Russia for cyber attacks that hit government networks over the previous two years. The head of cyber security Rimtautas Cerniauskas confirmed the discovery of at least three Russian spyware on government computers since 2015.

Cyber Attacks

Cyber Attacks Spyware Government Hacking

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Security Affairs

SEPTEMBER 24, 2023

In 2016, researchers from the non-profit organization CitizenLab published a report that describes a campaign of targeted spyware attacks carried out by the Stealth Falcon. The malware also supports multiple evasion capabilities. The authors used different languages to hinder analysis, researchers explained.

Malware

Malware Spyware Architecture Encryption

Israeli surveillance firm QuaDream emerges from the dark

Security Affairs

FEBRUARY 6, 2022

One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream. Like NSO Group, QuaDream develops surveillance malware for government and intelligence agencies.

Surveillance

Surveillance Spyware Government Hacking

Spyware in the IoT – the Biggest Privacy Threat This Year

SiteLock

AUGUST 27, 2021

This is exactly what happened on October 12, 2016, when the Mirai botnet used an army of IoT devices — like security cameras, digital video recorders (DVRs) and routers — to execute a massive distributed denial of service (DDoS) attack which left much of the internet inaccessible. The first IoT casualties?

IoT

IoT Spyware VPN Passwords

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

CSE Malware ZLab – Chinese APT27 ’s long-term espionage campaign in Syria is still ongoing

Security Affairs

JULY 23, 2018

Security researchers from CSE Cybsec Z-Lab analyzed the content of the folder and discovered an Android spyware that was developed to exfiltrate sensitive information from victims’ devices. The APT27 group focused its activity in Syria in the last couple of years, it used both Windows and Android malware to compromise target devices.

Malware

Malware Advertising Spyware Mobile

IT threat evolution Q1 2022

SecureList

MAY 27, 2022

Our analysis of the rogue firmware, and other malicious artefacts from the target’s network, revealed that the threat actor behind it had tampered with the firmware to embed malware that we call MoonBounce. On February 23, ESET published a tweet announcing new wiper malware targeting Ukraine. Roaming Mantis reaches Europe.

Phishing

Phishing Spyware Firmware Malware

Threat Actors Spread Agent Tesla Disguised as COVID-19 Vaccination Registration

Hot for Security

JUNE 18, 2021

The updated password-stealing capabilities and security-dodging techniques paired with the malware distribution-as-a-service business model have proven highly profitable. Once accessed, the document downloads Agent Tesla malware. 46463520 , while Agent Tesla malware is detected as Trojan.GenericKD.46464231.

Malware

Malware Phishing Spyware Software

STOP ransomware encrypts files and steals victim’s data

Security Affairs

MARCH 11, 2019

AZORult is a data stealer that was first spotted in 2016 by Proofpoint that discovered it was it was part of a secondary infection via the Chthonic banking trojan. In July, the experts discovered a new sophisticated version of the AZORult Spyware that was involved in a large email campaign on July 18. Pierluigi Paganini.

Encryption

Encryption Ransomware Cryptocurrency Passwords

The ‘Gazorp’ Azorult Builder emerged from the Dark Web

Security Affairs

OCTOBER 2, 2018

Checkpoint experts discovered in the Dark Web an online builder, dubbed Gazorp, that allows crooks to create customized binaries for the Azorult malware. Gazorp is designed for building binaries of the popular malware, Azorult, an infostealer used for stealing user passwords, credit card information, ” states CheckPoint.

Malware

Malware Advertising Spyware Passwords

Security Affairs newsletter Round 353

Security Affairs

FEBRUARY 13, 2022

US seizes $3.6 to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6

Ransomware

Ransomware Spyware Surveillance Hacking

Apex Legends for Android: a Fake App could Compromise your Smartphone

Security Affairs

MARCH 12, 2019

Yoroi -Cybaze ZLab malware researchers have analyzed four different fake android APKs that pretend to be versions of the Apex Legends game. Despite the usage of Apex Legends references, the first two applications do not contain a real malware, but their main purpose is to obtain an economic return through Google Mobile Ads SDK.

Spyware

Spyware Malware Mobile Phishing

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

Security Affairs

SEPTEMBER 9, 2019

ESET researchers discovered a new malware associated with the Stealth Falcon APT group that abuses the Windows BITS service to stealthy exfiltrate data. Security researchers from discovered a new malware associated with the Stealth Falcon cyber espionage group that abuses the Windows BITS service to stealthy exfiltrate data.

Malware

Malware Advertising System Administration Spyware

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Orcus RAT Author Charged in Malware Scheme

Trending Sources

Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs

Pegasus Project – how governments use Pegasus spyware against journalists

Beware the Cyber Ghouls: Spooky Threats Lurking in Digital Shadows

Mandrake Android spyware found in five apps in Google Play with over 32,000 downloads since 2022

Apple Patches Vulnerabilities in iOS Exploited by Spyware

Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal

Exodus, a government malware that infected innocent victims

Earth Empusa targets minority group with Android ActionSpy spyware

Mandrake, a high sophisticated Android spyware used in targeted attacks

Courts Hand Down Hard Jail Time for DDoS

North Korea-Linked APT Group Kimsuky spotted using new malware

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Types of Malware & Best Malware Protection Practices

Canadian Police Raid ‘Orcus RAT’ Author

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Bitdefender spotted Triout, a new powerful Android Spyware Framework

The Most Common Types of Malware in 2021

Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware

New FurBall Android Malware Used to Spy on Iranian Citizens

BusyGasper spyware remained undetected for two years while spying Russians

Donot Team cyberespionage group updates its Windows malware framework

Swedish Government grants police the use of spyware against violent crime suspects

A new sophisticated version of the AZORult Spyware appeared in the wild

PhantomLance, a four-year-long cyberespionage spying campaign

Domestic Kitten – An Iranian surveillance operation under the radar since 2016

Mobile Phones of Politicians, Journalists, and members of Royal Families were targeted by Israeli Malware

Unique Monokle Android Spyware Self-Signs Certificates

Experts spotted the iOS version of the Exodus surveillance app

Amnesty International employee targeted with NSO group surveillance malware

Russia-linked APT groups exploited Lithuanian infrastructure to launch attacks

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Israeli surveillance firm QuaDream emerges from the dark

Spyware in the IoT – the Biggest Privacy Threat This Year

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

CSE Malware ZLab – Chinese APT27 ’s long-term espionage campaign in Syria is still ongoing

IT threat evolution Q1 2022

Threat Actors Spread Agent Tesla Disguised as COVID-19 Vaccination Registration

STOP ransomware encrypts files and steals victim’s data

The ‘Gazorp’ Azorult Builder emerged from the Dark Web

Security Affairs newsletter Round 353

Apex Legends for Android: a Fake App could Compromise your Smartphone

Stealth Falcon’s undocumented backdoor uses Windows BITS to exfiltrate data

Stay Connected