Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware 105

Spyware Advertising Encryption Phishing 105

Security Affairs

MARCH 30, 2019

Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. The malware was tracked as Exodus, after the name of the command and control servers the malicious apps connected to.

Government 111

Government Malware Spyware Surveillance 111

Krebs on Security

JANUARY 14, 2019

Also last week, a 30-year-old in the United Kingdom was sentenced to 32 months in jail for using an army of hacked devices to crash large portions of Liberia’s Internet access in 2016. The Boston Globe reports that Gottesfeld and his wife in 2016 tried to flee to Cuba in a rented boat, but the trip didn’t go as planned.

DDOS 227

DDOS Internet Internet Spyware 227

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. ” continues the report.

Spyware 112

Spyware Malware Advertising Banking 112

Security Affairs

NOVEMBER 2, 2020

North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used Backdating, or timestomping to thwart analysis attempts (anti-forensics).

Malware 133

Malware Advertising Spyware Government 133

Security Affairs

JULY 25, 2019

Researchers at Lookout discovered a new mobile spyware dubbed Monokle that was developed by a Russian defense contractor. Experts at Lookout discovered a new Android mobile spyware in the wild, dubbed Monokle, that was developed by a Russian defense contractor named Special Technology Centre Ltd. ( Presidential election.

Spyware 105

Spyware Surveillance Mobile Advertising 105

Security Affairs

DECEMBER 12, 2024

The researchers analyzed multiple samples of the malware and gained access to internal documents obtained from open directories on attacker infrastructure. These documents suggest the existence of an iOS conversion of the spyware that has yet to be uncovered. a Chinese tech company founded in 2016 with fewer than 50 employees.

Surveillance 64

Surveillance Mobile Spyware Malware 64

Security Affairs

AUGUST 23, 2018

Security researchers from Bitdefender have spotted a new Android spyware framework dubbed Triout that could be used to create malware with extensive surveillance capabilities. The malware was likely spread through third-party marketplaces or domains controlled by the attackers that host the malicious code. Pierluigi Paganini.

Spyware 71

Spyware Surveillance Advertising Malware 71

Security Affairs

OCTOBER 10, 2019

NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. The post Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware appeared first on Security Affairs. ” states the report.

Spyware 78

Spyware Surveillance Advertising Malware 78

SecureWorld News

OCTOBER 21, 2022

A new version of the Android malware "FurBall" has been discovered to be used by the threat actor(s) known as Domestic Kitten in a campaign targeting Iranian citizens in a mobile surveillance operation. Though it has the Google Play logo, the app is not available in the Google Play store and downloads directly from Domestic Kitten's server.

Malware 98

Malware Spyware Government Surveillance 98

Security Affairs

AUGUST 30, 2018

Security experts from Kaspersky Lab have uncovered a new strain of Android malware dubbed BusyGasper that remained hidden for two years. The BusyGasper Android spyware has been active since May 2016, it implements unusual features for this type of malware. ” reads the report published by Kaspersky.

Spyware 72

Spyware Malware Advertising Banking 72

Security Affairs

AUGUST 21, 2022

The Donot Team threat actor, aka APT-C-35 , has added new capabilities to its Jaca Windows malware framework. The Donot Team has been active since 2016, it focuses on government and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries.

Malware 100

Malware Spyware Phishing Government 100

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. Criminal organizations leverage encrypted messaging services for their communications, for this reason the Government decided to authorize the use of surveillance spyware against suspects of violent crimes.

Spyware 75

Spyware Government Surveillance Encryption 75

Security Affairs

JULY 30, 2018

A new sophisticated version of the AZORult Spyware was spotted in the wild, it was involved in a large email campaign on July 18. Malware researchers at Proofpoint spotted a new version of the AZORult Spyware in the wild, it was involved in a large email campaign on July 18, just 24 hours it appeared in cybercrime forums on the Dark Web.

Spyware 72

Spyware Cryptocurrency Passwords Malware 72

Security Affairs

SEPTEMBER 9, 2018

. “Through the use of mobile applications, those behind the attack use fake decoy content to entice their victims to download such applications, which are in fact loaded with spyware, to then collect sensitive information about them.” ” reads the analysis published by CheckPoint. Pierluigi Paganini.

Surveillance 79

Surveillance Mobile Advertising Spyware 79

Security Affairs

APRIL 28, 2020

The malware was an info stealer and according to the researchers, it was part of a long-term campaign, tracked as “PhantomLance” that has been active at least since December 2015. We informed Google of the malware, and it was removed from the market shortly after.” ” reads the analysis published by Kaspersky.

Malware 141

Malware Advertising Marketing Hacking 141

CyberSecurity Insiders

JULY 18, 2021

And the post says that some hacktivists have somehow planted a spying malware on their phones respectively and are constantly spying on the targeted mobile activists. Note- The said malware could target users using Android or Apple iPhones and could spread through messaging apps such as WhatsApp and Telegram.

Mobile 82

Mobile Malware Spyware Surveillance 82

Threatpost

JULY 24, 2019

Researchers have linked the surveillance tool to a Russian tech firm that has been sanctioned for interfering with the 2016 U.S. presidential election.

Spyware 76

Spyware Surveillance Technology Mobile 76

Security Affairs

APRIL 9, 2019

In the last weeks, a new Android surveillance malware dubbed Exodus made the headlines, now expert found the iOS version of the government spyware. Exodus for Android is a three-stage malware, the first is a small dropper that collected basic device information (i.e. on Feb 28, 2016.” to eSurv S.R.L.

Surveillance 102

Surveillance Spyware Phishing Malware 102

Security Affairs

AUGUST 1, 2018

An employee at Amnesty International has been targeted with Israeli surveillance malware, the news was revealed by the human rights group. Amnesty International revealed that one of its employees was targeted with a surveillance malware developed by an Israeli firm. Year(s) in which spyware infection was attempted. 2012-2014.

Surveillance 67

Surveillance Malware Spyware Mobile 67

Security Affairs

FEBRUARY 6, 2022

One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream. Like NSO Group, QuaDream develops surveillance malware for government and intelligence agencies.

Surveillance 98

Surveillance Spyware Government Hacking 98

SiteLock

AUGUST 27, 2021

This is exactly what happened on October 12, 2016, when the Mirai botnet used an army of IoT devices — like security cameras, digital video recorders (DVRs) and routers — to execute a massive distributed denial of service (DDoS) attack which left much of the internet inaccessible. The first IoT casualties?

IoT 98

IoT Spyware VPN Passwords 98

Security Affairs

JULY 23, 2018

Security researchers from CSE Cybsec Z-Lab analyzed the content of the folder and discovered an Android spyware that was developed to exfiltrate sensitive information from victims’ devices. The APT27 group focused its activity in Syria in the last couple of years, it used both Windows and Android malware to compromise target devices.

Malware 72

Malware Advertising Spyware Mobile 72

Hot for Security

JUNE 18, 2021

The updated password-stealing capabilities and security-dodging techniques paired with the malware distribution-as-a-service business model have proven highly profitable. Once accessed, the document downloads Agent Tesla malware. 46463520 , while Agent Tesla malware is detected as Trojan.GenericKD.46464231.

Malware 105

Malware Phishing Spyware Software 105

SecureList

MAY 27, 2022

Our analysis of the rogue firmware, and other malicious artefacts from the target’s network, revealed that the threat actor behind it had tampered with the firmware to embed malware that we call MoonBounce. On February 23, ESET published a tweet announcing new wiper malware targeting Ukraine. Roaming Mantis reaches Europe.

Phishing 133

Phishing Spyware Firmware Malware 133

Security Affairs

MARCH 11, 2019

AZORult is a data stealer that was first spotted in 2016 by Proofpoint that discovered it was it was part of a secondary infection via the Chthonic banking trojan. In July, the experts discovered a new sophisticated version of the AZORult Spyware that was involved in a large email campaign on July 18. Pierluigi Paganini.

Encryption 109

Encryption Ransomware Cryptocurrency Passwords 109

Security Affairs

OCTOBER 2, 2018

Checkpoint experts discovered in the Dark Web an online builder, dubbed Gazorp, that allows crooks to create customized binaries for the Azorult malware. Gazorp is designed for building binaries of the popular malware, Azorult, an infostealer used for stealing user passwords, credit card information, ” states CheckPoint.

Malware 109

Malware Advertising Spyware Passwords 109

Security Affairs

FEBRUARY 13, 2022

US seizes $3.6 to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6

Ransomware 98

Ransomware Spyware Surveillance Hacking 98

Security Affairs

MARCH 12, 2019

Yoroi -Cybaze ZLab malware researchers have analyzed four different fake android APKs that pretend to be versions of the Apex Legends game. Despite the usage of Apex Legends references, the first two applications do not contain a real malware, but their main purpose is to obtain an economic return through Google Mobile Ads SDK.

Spyware 106

Spyware Malware Mobile Phishing 106

Security Affairs

SEPTEMBER 9, 2019

ESET researchers discovered a new malware associated with the Stealth Falcon APT group that abuses the Windows BITS service to stealthy exfiltrate data. Security researchers from discovered a new malware associated with the Stealth Falcon cyber espionage group that abuses the Windows BITS service to stealthy exfiltrate data.

Malware 105

Malware Advertising System Administration Spyware 105

Security Affairs

OCTOBER 23, 2018

AZORult is a data stealer that was first spotted in 2016 by Proofpoint that discovered it was it was part of a secondary infection via the Chthonic banking trojan. In July, the experts discovered a new sophisticated version of the AZORult Spyware that was involved in a large email campaign on July 18. ” continues CheckPoint.

Marketing 105

Marketing Cybercrime Cryptocurrency Advertising 105

Security Affairs

MARCH 13, 2019

FruityArmor is a cyber-espionage group that was first observed in 2016 while targeting activists, researchers, and individuals related to government organizations in Thailand, Iran, Algeria, Yemen, Saudi Arabia, and Sweden. Experts believe FruityArmor´s activity has been slowly increasing during the last two years, the group.

Advertising 111

Advertising Spyware Hacking Government 111

Security Affairs

JULY 18, 2019

The activity of the group was initially uncovered in 2016 when experts at Kaspersky observed the cyberespionage group targeting users in Europe, in the Middle East, and in Northern Africa. The group set up malicious sites mimicking legitimate ones to carry out watering holes to deliver tainted installers and malware.

Malware 89

Malware Software Advertising Spyware 89

Security Affairs

JULY 13, 2019

Croatia government agencies targeted with news SilentTrinity malware. Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016. Agent Smith Android malware already infected 25 million devices. New FinFisher spyware used to spy on iOS and Android users in 20 countries. Kindle Edition. Paper Copy.

Data breaches 77

Data breaches Spyware Advertising Government 77

Security Affairs

MAY 19, 2019

Malware Training Sets: FollowUP. WhatsApp zero-day exploited in targeted attacks to deliver NSO spyware. Chinese state-sponsored hackers breached TeamViewer in 2016. Over 10k+ GPS trackers could be abused to spy on individuals in the UK. Pacha Group declares war to rival crypto mining hacking groups.

Advertising 88

Advertising Spyware Data breaches Hacking 88

SecureList

AUGUST 30, 2023

Both infection methods resulted in the same malware (the DeathNote downloader), which uploaded the target’s information and retrieved the next-stage payload at the discretion of the C2 (Command and Control) server. It’s thought that the malware was spread through a vulnerability in the software.

Malware 98

Malware Spyware Government Cryptocurrency 98

Security Affairs

MAY 23, 2023

In the latest campaign uncovered by Kaspersky, the APT group, used a modular framework dubbed CloudWizard that supports spyware capabilities, including taking screenshots, microphone recording, harvesting Gmail inboxes, and keylogging.

Malware 98

Malware Spyware Encryption Hacking 98