Security Affairs

MARCH 13, 2025

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence. The researchers state that the threat is a relatively new malware family with early samples going back to March 2022.

Spyware 77

Spyware Surveillance Encryption Malware 77

Malwarebytes

OCTOBER 18, 2024

The vulnerability, tracked as CVE-2024-44133 was fixed in the September 16 update for Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac Mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later).

Adware 143

Adware Spyware Mobile Technology 143

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. from April 29, 2018, to May 10, 2020). from April 29, 2018, to May 10, 2020).

Spyware 143

Spyware Surveillance Software Architecture 143

Security Affairs

MAY 30, 2024

Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. and iOS versions before 11.4.

Spyware 136

Spyware Malware Surveillance Mobile 136

Security Affairs

DECEMBER 16, 2020

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. The spyware is likely used as part of a sextortion campaign.

Spyware 142

Spyware Mobile Surveillance Malware 142

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius.

Spyware 143

Spyware Surveillance Malware Mobile 143

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware 227

Malware Advertising Marketing System Administration 227

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 130

Spyware Government Surveillance Media 130

Security Affairs

FEBRUARY 24, 2021

Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. The link points to files containing spyware that could infect both Mac OS or Windows systems.

Spyware 128

Spyware Government Surveillance Phishing 128

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. The links used in these attacks are similar to the ones detected by in June 2018 by Amnesty International in operations against an Amnesty staff member and a Saudi HRD.

Spyware 144

Spyware Surveillance Mobile Advertising 144

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 125

Spyware Malware Mobile Marketing 125

Security Affairs

JUNE 28, 2019

Allegedly Western nation-state actors breached the systems of Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware. According to the Reuters, Western state-sponsored hackers breached the systems of the Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware.

Spyware 108

Spyware Malware Advertising Authentication 108

Schneier on Security

JANUARY 24, 2020

Motherboard obtained and published the technical report on the hack of Jeff Bezos's phone, which is being attributed to Saudi Arabia, specifically to Crown Prince Mohammed bin Salman.investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it.

Hacking 275

Hacking Backups Spyware Encryption 275

Malwarebytes

JUNE 29, 2022

Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful commercial spyware onto users’ mobile devices. The spyware, dubbed Hermit, is reported to have government clients much like Pegasus.

Spyware 112

Spyware Government Social Engineering Mobile 112

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware 111

Spyware Advertising Mobile Architecture 111

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices.

Malware 136

Malware Computers and Electronics Spyware Advertising 136

Security Affairs

DECEMBER 12, 2018

Experts from Kaspersky Lab reported that that the recently patched Windows kernel zero-day vulnerability ( CVE-2018-8611 ) has been exploited by several threat actors. Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. Pierluigi Paganini.

Advertising 111

Advertising Spyware Accountability Malware 111

Security Affairs

MARCH 3, 2023

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents.

Spyware 98

Spyware Surveillance Hacking Government 98

eSecurity Planet

JULY 21, 2021

Reports that the NSO Group’s Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives is becoming a global controversy for NSO, Apple and a number of governments at the center of the scandal. Both incidents occurred in 2018. Apple Under Fire.

Spyware 126

Spyware Mobile Government Surveillance 126

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware 132

Malware Phishing Spyware Cyber threats 132

Security Affairs

NOVEMBER 11, 2022

The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. The campaigns involved a new piece of malware called BadBazaar and new variants of the MOONSHINE surveillance software discovered by Citizen Lab in 2019 and employed in attacks against Tibetan activists. .

Surveillance 98

Surveillance Spyware Malware Mobile 98

Malwarebytes

MAY 28, 2024

As you may have read many times before on our blog, some spyware companies have a surprisingly low standard of security. Daigle found that pcTattleTale’s Application Programming Interface (API) allows any attacker to access the most recent screen capture recorded from any device on which the spyware is installed. Ignore Always.

Spyware 106

Spyware Software Malware Mobile 106

Security Affairs

MARCH 19, 2019

Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. The number of leaked cards increased in 2018 by 56%. The total underground market value of Singaporean banks’ cards compromised in 2018 is estimated at nearly $640 000.

Banking 108

Banking Government Passwords Marketing 108

Krebs on Security

APRIL 2, 2019

Canadian police last week raided the residence of a Toronto software developer behind “ Orcus RAT ,” a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. ” “I am not your A-typical computer geek, Brian,” he wrote in a 2018 email. “I An advertisement for Orcus RAT.

Advertising 257

Advertising Malware Software Marketing 257

Malwarebytes

JUNE 16, 2022

This news, first reported by Motherboard , is the latest in a lengthening list of spyware brands breached due to their poor cybersecurity hygiene. Unlike other malware, it is also publicly available. In 2018, a hacker going by the initials L.M. And TheTruthSpy is hardly the first of its kind to put kids’ data at risk.

Spyware 106

Spyware Internet Internet Marketing 106

CyberSecurity Insiders

NOVEMBER 15, 2021

A new malware has been uncovered recently and has been dubbed as PhoneSpy. And reports are in that the developers of such malware could be those funded by North Korea government found always spying on populace of various countries across the world.

Malware 101

Malware Spyware Mobile Software 101

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. SecurityAffairs – scranos malware, malware). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware 102

Spyware Adware Malware Accountability 102

SecureList

MARCH 1, 2021

The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers. The mobile malware Trojan-Ransom.AndroidOS.Agent.aq Last year was notable for both malware and adware, the two very close in terms of capabilities. More on that later.

Mobile 145

Mobile Malware Adware Banking 145

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 95

Artificial Intelligence Government Banking Advertising 95

Security Affairs

OCTOBER 10, 2019

NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. The post Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware appeared first on Security Affairs. ” states the report.

Spyware 77

Spyware Surveillance Advertising Malware 77

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. ” reads the analysis published by SentinelOne.

Passwords 144

Passwords Spyware VPN Malware 144

Threatpost

OCTOBER 5, 2018

A spyware attack on a Saudi dissident living in Canada made headlines this week, but Citizen Lab warns that simpler attacks are the real epidemic.

Spyware 60

Spyware Cyber Attacks Phishing Mobile 60

Security Affairs

AUGUST 23, 2018

Security researchers from Bitdefender have spotted a new Android spyware framework dubbed Triout that could be used to create malware with extensive surveillance capabilities. The researcher revealed that the command and control (C&C) server has been running since May 2018 and at the time of the report it was still up and running.

Spyware 71

Spyware Surveillance Advertising Malware 71

Security Affairs

APRIL 5, 2019

A few days ago, the researchers of ZLab Yoroi-Cybaze dissected another attack wave of the infamous Ursnif malware, also known as Gozi ISFB , an offspring of the original Gozi which source code was leaked in 2014. Ursnif/Gozi is active from over a decade and was one of the most active malware listed in 2017 and 2018.

Banking 109

Banking Malware Cryptocurrency Advertising 109

SecureList

MARCH 3, 2022

Percentage of ICS computers on which malicious objects were blocked, January – December 2018 – 2021 ( download ). It is also worth noting that in 2021 the vectors of monthly fluctuations (increases and decreases) are the same as those in 2019 and, particularly, in 2018 more often than in 2020. Selected industries. Malicious objects.

Spyware 130

Spyware Ransomware Cryptocurrency Phishing 130

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. The iOS app analyzed by the researchers contained the following exploits: CVE-2018-4344 internally referred to and publicly known as LightSpeed. Follow me on Twitter: @securityaffairs and Facebook.

Surveillance 134

Surveillance Mobile Spyware Telecommunications 134

CyberSecurity Insiders

JULY 18, 2021

And the post says that some hacktivists have somehow planted a spying malware on their phones respectively and are constantly spying on the targeted mobile activists. Note- The said malware could target users using Android or Apple iPhones and could spread through messaging apps such as WhatsApp and Telegram.

Mobile 82

Mobile Malware Spyware Surveillance 82