Security Affairs

MARCH 13, 2025

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence. The spyware uses a unique IT for each victim that is calculated through a hardware fingerprint.

Spyware 77

Spyware Surveillance Encryption Malware 77

Malwarebytes

MARCH 20, 2025

Experts are again warning about the proliferating market for targeted spyware and espionage. Before we dive into the world of targeted spyware, it’s worth looking at a few of the main players that are active in and against this industry. The name of Paragons spyware is Graphite.

Spyware 71

Spyware Surveillance Mobile Government 71

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 126

Spyware Malware Mobile Marketing 126

Malwarebytes

OCTOBER 30, 2024

If there is an update available, Chrome will notify you and start downloading it. Previous Chrome vulnerabilities reported by Apple turned out to be exploited by a commercial spyware vendor. This vulnerability, tracked as CVE-2024-10487 , can be used by cybercriminals as a drive-by download.

Spyware 141

Spyware Architecture Advertising Engineering 141

Schneier on Security

NOVEMBER 10, 2022

The company’s Panamanian registration records show that it has the identical slate of officers, agents and partners as a spyware maker identified this year as an affiliate of Arizona-based Packet Forensics, which public contracting records and company documents show has sold communication interception services to U.S.

Spyware 331

Spyware Internet Internet Government 331

Malwarebytes

SEPTEMBER 29, 2022

It's no surprise then to see criminals continuing to abuse Zoom's popularity, in the hope of netting interested parties and, potentially, luring current users into downloading and installing malware. Malware @Zoom downloads ? Findings reveal six fake Zoom download sites, but they are no longer accessible.

Spyware 95

Spyware Malware Software Banking 95

Schneier on Security

MAY 5, 2020

That's when Russian security firm Dr. Web found a sample of spyware in Google's app store that impersonated a downloader of graphic design software but in fact had the capability to steal contacts, call logs, and text messages from Android phones. What's important is the ability to download new malicious payloads," he says. "It

Malware 266

Malware Spyware Phishing Government 266

Security Affairs

AUGUST 7, 2024

A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown Android spyware dubbed LianSpy. If found, the file is downloaded to the application’s internal data directory.

Spyware 142

Spyware Malware Encryption Data collection 142

The Hacker News

JULY 30, 2024

A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years. A majority of the downloads originated

Spyware 135

Spyware 135

Heimadal Security

JUNE 24, 2022

For many years, Google has been monitoring the activity of commercial spyware sellers and in conjunction with Google’s Project Zero, discovered the fact that RCS Labs, an Italian vendor, utilizes unusual drive-by downloads as first infection vectors to target iOS and Android mobile users. What Happened?

Spyware 137

Spyware Mobile Cybersecurity 137

Bleeping Computer

JULY 29, 2024

A new version of the Android spyware 'Mandrake' has been found in five applications downloaded 32,000 times from Google Play, the platform's official app store. [.]

Spyware 127

Spyware Mobile 127

Security Affairs

NOVEMBER 10, 2021

South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing campaign. Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated android spyware dubbed PhoneSpy. Zimperium concludes.

Spyware 145

Spyware Mobile Social Engineering Malware 145

Malwarebytes

APRIL 28, 2021

This time it seems to be very active, especially in the UK where Android users are being targeted by text messages containing a link to a particularly nasty piece of spyware called Flubot. The tracking app is in fact spyware that steals passwords and other sensitive data. Warning from the National Cyber Security Centre.

Spyware 140

Spyware Banking Malware Passwords 140

Malwarebytes

MARCH 7, 2024

The US Treasury Department has sanctioned Predator spyware vendor Intellexa Consortium, and banned the company from doing business in the US. Intellexa is based in Greece but the Treasury Department imposed the sanctions because of the use of the spyware against Americans, including US government officials, journalists, and policy experts.

Spyware 123

Spyware Surveillance Government Mobile 123

Malwarebytes

JULY 12, 2024

In a new round, Apple is now warning users in 98 countries of potential mercenary spyware attacks. The message sent to the affected users says: “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID.”

Spyware 140

Spyware Mobile Technology Passwords 140

Malwarebytes

SEPTEMBER 27, 2023

Recent events have demonstrated very clearly just how persistent and wide-spread the Pegasus spyware is. The exploit chain based on these vulnerabilities was capable of compromising devices without any interaction from the victim and were reportedly used by the NSO Group to deliver its infamous Pegasus spyware.

Spyware 143

Spyware Surveillance Mobile Software 143

Malwarebytes

FEBRUARY 3, 2025

WhatsApp has accused the professional spyware company Paragon of spying on a select group of users. WhatsApp, the Meta-owned, end-to-end encrypted messaging platform, said it has reliable information that nearly 100 journalists and other members of civil society were targets of a spyware campaign conducted by the Israeli spyware company.

Spyware 102

Spyware Accountability Encryption Government 102

Security Affairs

FEBRUARY 24, 2021

The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. ” The attack chain begins with spear-phishing messages that include a link to an alleged important document to download. The link points to files containing spyware that could infect both Mac OS or Windows systems.

Spyware 128

Spyware Government Surveillance Phishing 128

Dark Reading

MAY 30, 2023

A Trojan SDK snuck past Google Play protections to infest 101 Android applications, bent on exfiltrating infected device data.

Spyware 128

Spyware 128

Trend Micro

AUGUST 16, 2021

While investigating the Confucius threat actor, we found a recent spear phishing campaign that utilizes Pegasus spyware-related lures to entice victims into opening a malicious document downloading a file stealer.

Spyware 124

Spyware Phishing 124

Malwarebytes

MARCH 5, 2024

A California federal judge has ordered spyware maker NSO Group to hand over the code for Pegasus and other spyware products that were used to spy on WhatsApp users. This may be true if a better understanding of how the spyware works leads to improvements that can thwart future abuse. Things have developed since then.

Spyware 140

Spyware Government Mobile Encryption 140

Malwarebytes

JUNE 29, 2022

Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful commercial spyware onto users’ mobile devices. The spyware, dubbed Hermit, is reported to have government clients much like Pegasus.

Spyware 112

Spyware Government Social Engineering Mobile 112

Security Affairs

NOVEMBER 3, 2023

Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. mods are modifications or alterations made to an application, often by third-party developers or users.

Spyware 135

Spyware Malware Mobile Advertising 135

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Pierluigi Paganini.

Spyware 143

Spyware Surveillance Malware Mobile 143

Security Affairs

MARCH 27, 2021

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application. ” concludes the report.

Spyware 117

Spyware Malware Surveillance Mobile 117

Schneier on Security

JANUARY 24, 2020

That file shows an image of the Saudi Arabian flag and Swedish flags and arrived with an encrypted downloader. Because the downloader was encrypted this delayed or further prevented "study of the code delivered along with the video.". But the report doesn't indicate if that did get done.

Hacking 273

Hacking Backups Spyware Encryption 273

Security Affairs

JUNE 1, 2023

Researchers discovered spyware, dubbed SpinOk, hidden in 101 Android apps with over 400 million downloads in Google Play. Our malware analysts discovered it in 101 apps with at least 421,290,300 cumulative downloads.”

Spyware 98

Spyware Advertising Malware Marketing 98

SecureList

JUNE 21, 2023

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest of the chain and obtaining the final spyware payload. running on iOS 15.3.1

Spyware 145

Spyware Encryption Passwords Backups 145

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware 119

Spyware Social Engineering Surveillance Engineering 119

eSecurity Planet

SEPTEMBER 14, 2021

Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal ). operating system was being exploited by the invasive Pegasus spyware.

Spyware 121

Spyware Mobile Engineering Government 121

SecureWorld News

OCTOBER 24, 2022

The app then connected to a malicious server and downloaded spyware to the phone, listening in on calls and viewing text messages for nearly a year and a half. Behind the attack is spyware manufacturer NSO Group, which sells technology to governments and law enforcement agencies, Bloomberg reported.

Spyware 103

Spyware Mobile Manufacturing Government 103

Security Affairs

APRIL 16, 2024

Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign targeting South Asia with an Apple iOS spyware called LightSpy.

Spyware 132

Spyware Mobile Malware Encryption 132

Security Affairs

JULY 19, 2022

Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. Experts have yet to determine how the victims are initially compromised by this spyware. It doesn’t use a publicly accessible link; it includes an access token to download the MyExecute file from the drive.

Spyware 98

Spyware Malware Authentication Architecture 98

We Live Security

NOVEMBER 10, 2023

The Urdu version of the Hunza News website offers readers the option to download an Android app – little do they know that the app is actually spyware

Spyware 103

Spyware 103

Malwarebytes

JANUARY 9, 2025

However, other extensions remain available and in the control of cybercriminals, making them dangerous to download. For all other threats, try Malwarebytes Teams , which provides always-on protection against malware, ransomware, spyware, and more, along with 24/7 dedicated, human support.

Malware 120

Malware Small Business Artificial Intelligence VPN 120

Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” states the analysis. The C&C URL 6.

Spyware 111

Spyware Advertising Malware Cryptocurrency 111

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm. ” TAG concludes.

Spyware 109

Spyware Surveillance Risk Internet 109