Advertising, Information Security and Spyware

Sextortion campaign uses Goontact spyware to target Android and iOS users

Security Affairs

DECEMBER 16, 2020

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. The spyware is likely used as part of a sextortion campaign.

Spyware

Spyware Mobile Surveillance Malware

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Mobile Advertising

Facebook vs NSO Group lawsuit: 1,400+ users were targeted with Pegasus spyware

Security Affairs

APRIL 25, 2020

Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. Now both companies are providing technical details requested by the cyber-security experts. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Advertising Mobile

Multiple WhatsApp mods spotted containing the CanesSpy Spyware

Security Affairs

NOVEMBER 3, 2023

Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Then the malware contacts the command-and-control (C2) server and sends information about the compromised device (i.e. .

Spyware

Spyware Malware Mobile Advertising

XCSSET Mac spyware spreads via Xcode Projects

Security Affairs

AUGUST 15, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post XCSSET Mac spyware spreads via Xcode Projects appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, XCSSET).

Spyware

Spyware Malware Advertising Cryptocurrency

WhatsApp zero-day exploited in targeted attacks to deliver NSO spyware

Security Affairs

MAY 14, 2019

Facebook fixed a critical zero-day flaw in WhatsApp that has been exploited to remotely install spyware on phones by calling the targeted device. Facebook has recently patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware

Spyware Surveillance Mobile Advertising

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware

Spyware Advertising Encryption Phishing

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware

Spyware Advertising Mobile Architecture

WhatsApp flaw CVE-2019-11931 could be exploited to install spyware

Security Affairs

NOVEMBER 16, 2019

The popular messaging platform WhatsApp made the headlines again, a new bug could be exploited by hackers to secretly install spyware. In May, Facebook patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware

Spyware Advertising Mobile Information Security

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Security Affairs

JULY 25, 2019

Researchers at Lookout discovered a new mobile spyware dubbed Monokle that was developed by a Russian defense contractor. Experts at Lookout discovered a new Android mobile spyware in the wild, dubbed Monokle, that was developed by a Russian defense contractor named Special Technology Centre Ltd. ( Pierluigi Paganini.

Spyware

Spyware Surveillance Mobile Advertising

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The modules used by EvilGnome are reminiscent of the Windows tools used by the Gamaredon Group, other analogies include the use of SFX, persistence with task scheduler and the deployment of information stealers. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Cyber Attacks

Google updates policies to ban any ads for surveillance solutions and services

Security Affairs

JULY 12, 2020

The move aims at fighting the advertising of any form of surveillance. “In August 2020, the Google Ads Enabling Dishonest Behavior policy will be updated to clarify restrictions on advertising for spyware and surveillance technology.”reads Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Surveillance

Surveillance Spyware Advertising Marketing

XLoader, a $49 spyware that could target both Windows and macOS devices

Security Affairs

JULY 21, 2021

FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. On this day, XLoader was advertised for sale in one of the underground groups.” ” states the report published by CheckPoint.

Spyware

Spyware Malware Cybercrime Advertising

Updated Android spyware GravityRAT steals WhatsApp Backups

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups

Backups Spyware Malware Accountability

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Advertising Mobile

Apps with over 420 Million downloads from Google Play unveil the discovery of SpinOk spyware

Security Affairs

JUNE 1, 2023

Researchers discovered spyware, dubbed SpinOk, hidden in 101 Android apps with over 400 million downloads in Google Play. Upon executing the module, the malware-laced SDK connects to the C2 sending back a large amount of system information about the infected device. Info sent to the C2 includes data from sensors (e.g.

Spyware

Spyware Advertising Malware Marketing

Swedish Government grants police the use of spyware against violent crime suspects

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. ” Starting from March 1, 2020, the Police Authority, the Security Police, the Customs Administration and the Swedish Crime Agency will be granted extended powers with the proposal.

Spyware

Spyware Government Surveillance Encryption

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. “With this in mind, we see that UEFI continues to be a point of interest to APT actors, while at large being overlooked by security vendors.”

Firmware

Firmware Spyware Surveillance Hacking

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Spyware VPN Malware

Evil Telegram campaign: Trojanized Telegram apps found on Google Play

Security Affairs

SEPTEMBER 10, 2023

Researchers from Kaspersky discovered several Telegram mods on the Google Play Store that contained spyware, the campaign was tracked as Evil Telegram. The vendor advertised the applications are the fastest apps that use a distributed network of data processing centers around the world. . ” concludes the analysis.

Spyware

Spyware Advertising Encryption Hacking

German authorities raid the offices of the FinFisher surveillance firm

Security Affairs

OCTOBER 14, 2020

In September, Amnesty International uncovered a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of the infamous FinSpy surveillance spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Surveillance

Surveillance Spyware Advertising Software

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Facebook or NSO Group? Pierluigi Paganini.

Surveillance

Surveillance Spyware Advertising Government

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Computers and Electronics Spyware Advertising

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Every third email, meanwhile, contained spyware , which is used by threat actors to steal payment data or other sensitive info to then put it on sale in the darknet or blackmail its owner. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, ransomware).

Phishing

Phishing Ransomware Spyware Banking

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Spyware: the most likely COVID-19 payload. Most COVID-19-related phishing emails analyzed had different spyware strains embedded as attachments. Source: CERT-GIB.

Phishing

Phishing Malware Spyware DDOS

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 25, 2024

Apple created post-quantum cryptographic protocol PQ3 for iMessage Russian hacker is set to face trial for the hack of a local power grid Microsoft released red teaming tool PyRIT for Generative AI CISA orders federal agencies to fix ConnectWise ScreenConnect bug in a week FTC charged Avast with selling users’ browsing data to advertising companies (..)

Spyware

Spyware Cyber Insurance Hacking Advertising

Google revealed how watering hole attacks compromised iPhone devices earlier this year

Security Affairs

AUGUST 30, 2019

Threat actors used at least five unique iPhone exploit chains that allowed them to remotely jailbreak a device and deliver spyware. The spyware implant was also able to steal the database files from popular end-to-end encryption apps like Whatsapp, Telegram, and iMessage. Pierluigi Paganini. SecurityAffairs – iPhone, hacking).

Spyware

Spyware Hacking Advertising Encryption

North Korea-Linked APT Group Kimsuky spotted using new malware

Security Affairs

NOVEMBER 2, 2020

Researchers at Cybereason’s Nocturnus team published a new report that includes details on two new pieces of malware associated with the North-Korea linked APT, modular spyware called KGH_SPY and a downloader called CSPY Downloader. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Spyware Government

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – newsletter, hacking).

Hacking

Hacking Advertising Spyware Antivirus

Google removes 17 Joker -infected apps from the Play Store

Security Affairs

SEPTEMBER 27, 2020

The spyware is able to steal SMS messages, contact lists and device information along with to sign victims up for premium service subscriptions. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Advertising Spyware Encryption

New Android BlackRock malware targets hundreds of apps

Security Affairs

JULY 16, 2020

. “With the changes that we expect to be made to mobile banking Trojans, the line between banking malware and spyware becomes thinner, banking malware will pose a threat for more organizations and their infrastructure, an organic change that we observed on windows banking malware years ago.”

Malware

Malware Banking Mobile Advertising

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017. FormBook data-stealing malware was used with cyber espionage purposes, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents.

Malware

Malware Scams Social Engineering Phishing

Security Affairs newsletter Round 269

Security Affairs

JUNE 21, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Security Affairs newsletter Round 269 appeared first on Security Affairs. authorities sanction six Nigerian nationals for BEC and Romance Fraud.

DDOS

DDOS Spyware Advertising Mobile

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs

APRIL 28, 2020

The PhantomLance malware implements classic spyware functionalities, it could exfiltrate user data, phone call logs, SMS messages, contacts, and GPS data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Advertising Marketing Spyware

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Security Affairs

OCTOBER 30, 2019

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Today @WhatsApp is taking a stand against the dangerous use of spyware. This abuse must be stopped. Pierluigi Paganini.

Surveillance

Surveillance Technology Spyware Mobile

Security Affairs newsletter Round 265

Security Affairs

MAY 24, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches

Data breaches Spyware Advertising Hacking

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Security Affairs

DECEMBER 30, 2019

Security experts have detected and analyzed some of the tools in its arsenals, such as the popular Pegasus spyware (for iOS) and Chrysaor (for Android). In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. Pierluigi Paganini.

Cybercrime

Cybercrime Surveillance Spyware Government

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DNS

DNS Advertising Spyware Software

Android stalkerware, a danger for victims and stalkers

Security Affairs

MAY 17, 2021

This software could be easily found online, in many cases, their developers advertise them as a solution to protect children, but they offer spyware features that could be also abused by a third party. ESET researchers revealed that this kind of software has become very popular in the last couple of years.

Spyware

Spyware Mobile Software Advertising

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches

Data breaches Ransomware Phishing Malware

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Security Affairs

AUGUST 23, 2019

Asruex first appeared in the threat landscape 2015, researchers linked it to the spyware used by the DarkHotel APT group. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Advertising Spyware Encryption

Security Affairs newsletter Round 223 – News of the week

Security Affairs

JULY 21, 2019

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Security Affairs newsletter Round 223 – News of the week appeared first on Security Affairs.

Small Business

Small Business Media Spyware Advertising

Sextortion campaign uses Goontact spyware to target Android and iOS users

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Trending Sources

Facebook vs NSO Group lawsuit: 1,400+ users were targeted with Pegasus spyware

Multiple WhatsApp mods spotted containing the CanesSpy Spyware

XCSSET Mac spyware spreads via Xcode Projects

WhatsApp zero-day exploited in targeted attacks to deliver NSO spyware

Earth Empusa targets minority group with Android ActionSpy spyware

New FinFisher spyware used to spy on iOS and Android users in 20 countries

WhatsApp flaw CVE-2019-11931 could be exploited to install spyware

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Google updates policies to ban any ads for surveillance solutions and services

XLoader, a $49 spyware that could target both Windows and macOS devices

Updated Android spyware GravityRAT steals WhatsApp Backups

Unknown FinSpy Mac and Linux versions found in Egypt

Apps with over 420 Million downloads from Google Play unveil the discovery of SpinOk spyware

Swedish Government grants police the use of spyware against violent crime suspects

Second-ever UEFI rootkit used in North Korea-themed attacks

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Evil Telegram campaign: Trojanized Telegram apps found on Google Play

German authorities raid the offices of the FinFisher surveillance firm

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

GravityRAT malware also targets Android and macOS

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs newsletter Round 460 by Pierluigi Paganini – INTERNATIONAL EDITION

Google revealed how watering hole attacks compromised iPhone devices earlier this year

North Korea-Linked APT Group Kimsuky spotted using new malware

Security Affairs newsletter Round 261

Google removes 17 Joker -infected apps from the Play Store

New Android BlackRock malware targets hundreds of apps

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs newsletter Round 269

PhantomLance, a four-year-long cyberespionage spying campaign

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Security Affairs newsletter Round 265

UN approves Russia-Cina sponsored resolution on new cybercrime convention

The Most Common Types of Malware in 2021

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Android stalkerware, a danger for victims and stalkers

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Security Affairs newsletter Round 223 – News of the week

Stay Connected