Security Affairs

DECEMBER 16, 2024

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. The spyware’s deployment relied on Cellebrite’s unlocking process, combining two invasive technologies to compromise the journalists digital privacy comprehensively.

Spyware 105

Spyware Surveillance Technology Mobile 105

Bleeping Computer

JULY 29, 2024

A new version of the Android spyware 'Mandrake' has been found in five applications downloaded 32,000 times from Google Play, the platform's official app store. [.]

Spyware 127

Spyware Mobile 127

Malwarebytes

APRIL 28, 2021

This time it seems to be very active, especially in the UK where Android users are being targeted by text messages containing a link to a particularly nasty piece of spyware called Flubot. The tracking app is in fact spyware that steals passwords and other sensitive data. Warning from the National Cyber Security Centre.

Spyware 141

Spyware Banking Malware Passwords 141

Security Affairs

NOVEMBER 10, 2021

South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing campaign. Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated android spyware dubbed PhoneSpy. Zimperium concludes.

Spyware 145

Spyware Mobile Social Engineering Malware 145

Malwarebytes

SEPTEMBER 29, 2022

It's no surprise then to see criminals continuing to abuse Zoom's popularity, in the hope of netting interested parties and, potentially, luring current users into downloading and installing malware. Malware @Zoom downloads ? Findings reveal six fake Zoom download sites, but they are no longer accessible.

Spyware 83

Spyware Malware Software Banking 83

Malwarebytes

MARCH 7, 2024

The US Treasury Department has sanctioned Predator spyware vendor Intellexa Consortium, and banned the company from doing business in the US. Intellexa is based in Greece but the Treasury Department imposed the sanctions because of the use of the spyware against Americans, including US government officials, journalists, and policy experts.

Spyware 110

Spyware Surveillance Government Mobile 110

Schneier on Security

MAY 5, 2020

That's when Russian security firm Dr. Web found a sample of spyware in Google's app store that impersonated a downloader of graphic design software but in fact had the capability to steal contacts, call logs, and text messages from Android phones. What's important is the ability to download new malicious payloads," he says. "It

Malware 235

Malware Spyware Phishing Government 235

The Hacker News

JULY 30, 2024

A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years. A majority of the downloads originated

Spyware 122

Spyware 122

Malwarebytes

JULY 12, 2024

In a new round, Apple is now warning users in 98 countries of potential mercenary spyware attacks. The message sent to the affected users says: “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the iPhone associated with your Apple ID.”

Spyware 133

Spyware Mobile Technology Passwords 133

Malwarebytes

MARCH 5, 2024

A California federal judge has ordered spyware maker NSO Group to hand over the code for Pegasus and other spyware products that were used to spy on WhatsApp users. This may be true if a better understanding of how the spyware works leads to improvements that can thwart future abuse. Things have developed since then.

Spyware 133

Spyware Government Mobile Encryption 133

Security Affairs

FEBRUARY 24, 2021

The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. ” The attack chain begins with spear-phishing messages that include a link to an alleged important document to download. The link points to files containing spyware that could infect both Mac OS or Windows systems.

Spyware 128

Spyware Government Surveillance Phishing 128

Dark Reading

MAY 30, 2023

A Trojan SDK snuck past Google Play protections to infest 101 Android applications, bent on exfiltrating infected device data.

Spyware 128

Spyware 128

Heimadal Security

JUNE 24, 2022

For many years, Google has been monitoring the activity of commercial spyware sellers and in conjunction with Google’s Project Zero, discovered the fact that RCS Labs, an Italian vendor, utilizes unusual drive-by downloads as first infection vectors to target iOS and Android mobile users. What Happened?

Spyware 117

Spyware Mobile Cybersecurity 117

Malwarebytes

SEPTEMBER 27, 2023

Recent events have demonstrated very clearly just how persistent and wide-spread the Pegasus spyware is. The exploit chain based on these vulnerabilities was capable of compromising devices without any interaction from the victim and were reportedly used by the NSO Group to deliver its infamous Pegasus spyware.

Spyware 133

Spyware Surveillance Mobile Software 133

Security Affairs

NOVEMBER 3, 2023

Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. mods are modifications or alterations made to an application, often by third-party developers or users.

Spyware 134

Spyware Malware Mobile Advertising 134

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Pierluigi Paganini.

Spyware 143

Spyware Surveillance Malware Mobile 143

Malwarebytes

JUNE 29, 2022

Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful commercial spyware onto users’ mobile devices. The spyware, dubbed Hermit, is reported to have government clients much like Pegasus.

Spyware 107

Spyware Government Social Engineering Mobile 107

Security Affairs

NOVEMBER 1, 2024

New LightSpy spyware targets iPhones supporting destructive features that can block compromised devices from booting up. In May 2024, ThreatFabric researchers discovered a macOS version of LightSpy spyware that has been active in the wild since at least January 2024. The updated iOS version (7.9.0) The updated iOS version (7.9.0)

Spyware 98

Spyware Media Malware Hacking 98

Security Affairs

JUNE 1, 2023

Researchers discovered spyware, dubbed SpinOk, hidden in 101 Android apps with over 400 million downloads in Google Play. Our malware analysts discovered it in 101 apps with at least 421,290,300 cumulative downloads.”

Spyware 98

Spyware Advertising Malware Marketing 98

Security Affairs

MARCH 27, 2021

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application. ” concludes the report.

Spyware 117

Spyware Malware Surveillance Mobile 117

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware 118

Spyware Social Engineering Surveillance Engineering 118

SecureList

JUNE 21, 2023

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest of the chain and obtaining the final spyware payload. running on iOS 15.3.1

Spyware 142

Spyware Encryption Passwords Backups 142

Security Affairs

APRIL 16, 2024

Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign targeting South Asia with an Apple iOS spyware called LightSpy.

Spyware 131

Spyware Mobile Malware Encryption 131

eSecurity Planet

SEPTEMBER 14, 2021

Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal ). operating system was being exploited by the invasive Pegasus spyware.

Spyware 117

Spyware Mobile Engineering Government 117

Security Affairs

JULY 19, 2022

Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. Experts have yet to determine how the victims are initially compromised by this spyware. It doesn’t use a publicly accessible link; it includes an access token to download the MyExecute file from the drive.

Spyware 98

Spyware Malware Authentication Architecture 98

Schneier on Security

JANUARY 24, 2020

That file shows an image of the Saudi Arabian flag and Swedish flags and arrived with an encrypted downloader. Because the downloader was encrypted this delayed or further prevented "study of the code delivered along with the video.". But the report doesn't indicate if that did get done.

Hacking 246

Hacking Backups Spyware Encryption 246

Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” states the analysis. The C&C URL 6.

Spyware 111

Spyware Advertising Malware Cryptocurrency 111

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm. ” TAG concludes.

Spyware 108

Spyware Surveillance Risk Internet 108

Security Affairs

AUGUST 30, 2023

The domain was registered on February 15 th , 2022, and provides a link to download the malicious Signal Plus Messenger application either from Google Play or directly from the website” continues the report. The campaigns observed by the researchers are likely active since July 2020 and since July 2022, respectively.

Spyware 132

Spyware Accountability Malware Hacking 132

We Live Security

NOVEMBER 10, 2023

The Urdu version of the Hunza News website offers readers the option to download an Android app – little do they know that the app is actually spyware

Spyware 97

Spyware 97

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware 98

Spyware Surveillance Mobile Malware 98

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. Attackers injected the malicious code to deploy the spyware in websites, some of them were actually fake. The server, in turn, may send some commands to the compromised device.

Spyware 104

Spyware Advertising Encryption Phishing 104

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.

Spyware 102

Spyware Surveillance Accountability Mobile 102

Malwarebytes

AUGUST 30, 2023

Anonymous hackers have breached the servers of spyware app “WebDetetive ” , accessing the user database. Spyware apps are installed on a potential victim’s phone without permission and lurk invisibly, collecting data and sending it back to the app operator. Use an antivirus on your phone.

Spyware 95

Spyware Mobile Antivirus Software 95

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. EvilGnome allows attackers to take screenshots, steal files, capture audio recordings from the microphone, and download and execute other payloads. Intezer spotted a new piece of Linux malware dubbed EvilGnome because it disguises as a Gnome extension.

Spyware 109

Spyware Malware Advertising Cyber Attacks 109

Security Affairs

JULY 21, 2021

FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. The post XLoader, a $49 spyware that could target both Windows and macOS devices appeared first on Security Affairs. Pierluigi Paganini.

Spyware 112

Spyware Malware Cybercrime Advertising 112

Threatpost

DECEMBER 18, 2020

Threat actors impersonate Google Play store in scam as Sony pulls the game off the PlayStation store due to myriad performance issues.

Spyware 104

Spyware Scams Malware 104