Security Affairs

MARCH 13, 2025

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence. Kaspersky first documented the operations of the group in 2016. ” reads the report published by the researchers.

Spyware 77

Spyware Surveillance Encryption Malware 77

Malwarebytes

OCTOBER 18, 2024

The vulnerability, tracked as CVE-2024-44133 was fixed in the September 16 update for Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac Mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later).

Adware 143

Adware Spyware Mobile Technology 143

Heimadal Security

OCTOBER 28, 2021

As of 2018, a group of supposedly harmless Android applications has been infecting Israeli users with spyware, and the operation is still ongoing. The post Israeli Users Targeted by Android Spyware Apps Since 2018 appeared first on Heimdal Security Blog. Apparently, the most exploited […].

Spyware 98

Spyware Cybersecurity 98

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Meta won the litigation against the Israeli spyware vendor NSO Group , a U.S. from April 29, 2018, to May 10, 2020). from April 29, 2018, to May 10, 2020).

Spyware 143

Spyware Surveillance Software Architecture 143

Security Affairs

MAY 30, 2024

Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. and iOS versions before 11.4.

Spyware 136

Spyware Malware Surveillance Mobile 136

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 131

Spyware Government Surveillance Media 131

Security Affairs

FEBRUARY 24, 2021

Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. The link points to files containing spyware that could infect both Mac OS or Windows systems.

Spyware 128

Spyware Government Surveillance Phishing 128

Security Affairs

DECEMBER 16, 2020

Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. Goontact implement common spyware features, including the ability to gather data from the infected devices and gather system info. The spyware is likely used as part of a sextortion campaign.

Spyware 143

Spyware Mobile Surveillance Malware 143

Security Affairs

OCTOBER 25, 2021

Threat actors infected the iPhone of New York Times journalist Ben Hubbard with NSO Group’s Pegasus spyware between June 2018 to June 2021. The iPhone of New York Times journalist Ben Hubbard was repeatedly infected with NSO Group’s Pegasus spyware. The device was compromised two times, in July 2020 and June 2021.

Spyware 122

Spyware Hacking Backups Accountability 122

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. The links used in these attacks are similar to the ones detected by in June 2018 by Amnesty International in operations against an Amnesty staff member and a Saudi HRD.

Spyware 144

Spyware Surveillance Mobile Advertising 144

Malwarebytes

MARCH 5, 2024

A California federal judge has ordered spyware maker NSO Group to hand over the code for Pegasus and other spyware products that were used to spy on WhatsApp users. This may be true if a better understanding of how the spyware works leads to improvements that can thwart future abuse. Things have developed since then.

Spyware 140

Spyware Government Mobile Encryption 140

Malwarebytes

SEPTEMBER 27, 2023

Recent events have demonstrated very clearly just how persistent and wide-spread the Pegasus spyware is. The exploit chain based on these vulnerabilities was capable of compromising devices without any interaction from the victim and were reportedly used by the NSO Group to deliver its infamous Pegasus spyware.

Spyware 143

Spyware Surveillance Mobile Software 143

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Pierluigi Paganini.

Spyware 143

Spyware Surveillance Malware Mobile 143

Malwarebytes

JUNE 29, 2022

Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful commercial spyware onto users’ mobile devices. The spyware, dubbed Hermit, is reported to have government clients much like Pegasus.

Spyware 112

Spyware Government Social Engineering Mobile 112

Bleeping Computer

FEBRUARY 24, 2021

Vietnam-backed hacking group APT32 has coordinated several spyware attacks targeting Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. [.].

Spyware 104

Spyware Hacking 104

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 126

Spyware Malware Mobile Marketing 126

Security Affairs

JUNE 28, 2019

Allegedly Western nation-state actors breached the systems of Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware. According to the Reuters, Western state-sponsored hackers breached the systems of the Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware.

Spyware 108

Spyware Malware Advertising Authentication 108

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware 111

Spyware Advertising Mobile Architecture 111

Security Affairs

DECEMBER 12, 2018

Experts from Kaspersky Lab reported that that the recently patched Windows kernel zero-day vulnerability ( CVE-2018-8611 ) has been exploited by several threat actors. Microsoft’s Patch Tuesday updates for December 2018 address nearly 40 flaws, including a zero-day vulnerability affecting the Windows kernel. Pierluigi Paganini.

Advertising 111

Advertising Spyware Accountability Malware 111

Security Affairs

MARCH 3, 2023

The phone of an opposition-linked Polish mayor was infected with the powerful Pegasus spyware, local media reported. Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. According to rumors, the Polish special services are using surveillance software to spy on government opponents.

Spyware 98

Spyware Surveillance Hacking Government 98

eSecurity Planet

JULY 21, 2021

Reports that the NSO Group’s Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives is becoming a global controversy for NSO, Apple and a number of governments at the center of the scandal. Both incidents occurred in 2018. Apple Under Fire.

Spyware 126

Spyware Mobile Government Surveillance 126

The Hacker News

DECEMBER 1, 2022

A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018.

Spyware 99

Spyware 99

SecureWorld News

JULY 18, 2022

The controversial Pegasus spyware continues to stay in the news cycle, as a new report from the Citizen Lab details how the technology was used to target pro-democracy activists in Thailand. The increase in surveillance also means the use of Pegasus spyware. Pegasus spyware in Thailand. So, what is the situation in Thailand?

Spyware 98

Spyware Surveillance Government Hacking 98

Bleeping Computer

OCTOBER 27, 2021

A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day. [.].

Spyware 82

Spyware 82

Security Affairs

NOVEMBER 11, 2022

The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. The BadBazaar campaign dates back to late 2018, over the time the researchers obtained 111 unique apps that masquerade as harmless apps such as radio apps, messaging apps, dictionaries, religious apps, and even TikTok.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Security Affairs

MARCH 19, 2019

Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. The number of leaked cards increased in 2018 by 56%. The total underground market value of Singaporean banks’ cards compromised in 2018 is estimated at nearly $640 000.

Banking 108

Banking Government Passwords Marketing 108

Malwarebytes

JUNE 16, 2022

This news, first reported by Motherboard , is the latest in a lengthening list of spyware brands breached due to their poor cybersecurity hygiene. In 2018, a hacker going by the initials L.M. The post Photos of kids taken from spyware-ridden phones found exposed on the internet appeared first on Malwarebytes Labs.

Spyware 106

Spyware Internet Internet Marketing 106

Malwarebytes

MAY 28, 2024

As you may have read many times before on our blog, some spyware companies have a surprisingly low standard of security. Daigle found that pcTattleTale’s Application Programming Interface (API) allows any attacker to access the most recent screen capture recorded from any device on which the spyware is installed.

Spyware 106

Spyware Software Malware Mobile 106

Schneier on Security

JANUARY 24, 2020

Instead, they only found a suspicious video file sent to Bezos on May 1, 2018 that "appears to be an Arabic language promotional film about telecommunications." Edwards said this would indeed get them everything they would need to search for persistent spyware like the kind created and sold by the NSO Group.

Hacking 273

Hacking Backups Spyware Encryption 273

Malwarebytes

FEBRUARY 11, 2025

in July 2018. Vulnerabilities like these typically target specific individuals as deployed by commercial spyware vendors like Pegasus and Paragon. When exploited, the vulnerability would allow an attacker to disable USB Restricted Mode on a locked device. But once they are, other cybercriminals will try to copy them.

Spyware 97

Spyware Software Mobile Risk 97

Threatpost

OCTOBER 5, 2018

A spyware attack on a Saudi dissident living in Canada made headlines this week, but Citizen Lab warns that simpler attacks are the real epidemic.

Spyware 60

Spyware Cyber Attacks Phishing Mobile 60

Security Affairs

APRIL 8, 2019

Bahrain, 08.04.2019 – Group-IB, an international company that specializes in preventing cyberattacks , and NGN International, a global system integrator, analyzed cybersecurity landscape in Gulf countries in 2018. According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8

Artificial Intelligence 96

Artificial Intelligence Government Banking Advertising 96

Security Affairs

OCTOBER 10, 2019

NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. Amnesty International collected evidence of new abuses of the NSO Group ‘s surveillance spyware, this time the malware was used to spy two rights activists in Morocco.

Spyware 77

Spyware Surveillance Advertising Malware 77

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. According to the experts, the operation is in a consolidation stage, first samples date back to November 2018, with a massive spike in December and January.

Spyware 102

Spyware Adware Malware Accountability 102

Security Affairs

AUGUST 23, 2018

Security researchers from Bitdefender have spotted a new Android spyware framework dubbed Triout that could be used to create malware with extensive surveillance capabilities. The researcher revealed that the command and control (C&C) server has been running since May 2018 and at the time of the report it was still up and running.

Spyware 71

Spyware Surveillance Advertising Malware 71

The Hacker News

JANUARY 25, 2024

It's said to be active since at least 2018. A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. The NSPX30

Software 99

Software Spyware Cybersecurity 99

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. The iOS app analyzed by the researchers contained the following exploits: CVE-2018-4344 internally referred to and publicly known as LightSpeed. Follow me on Twitter: @securityaffairs and Facebook.

Surveillance 135

Surveillance Mobile Spyware Telecommunications 135