Malwarebytes

FEBRUARY 3, 2025

WhatsApp has accused the professional spyware company Paragon of spying on a select group of users. WhatsApp, the Meta-owned, end-to-end encrypted messaging platform, said it has reliable information that nearly 100 journalists and other members of civil society were targets of a spyware campaign conducted by the Israeli spyware company.

Spyware 109

Spyware Accountability Encryption Government 109

Security Affairs

AUGUST 7, 2024

A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown Android spyware dubbed LianSpy. This AES key is then encrypted using a hardcoded public RSA key embedded in the spyware.

Spyware 141

Spyware Malware Encryption Data collection 141

Schneier on Security

JUNE 23, 2021

Its spyware is also said to be equipped with a keylogger, which means every keystroke made on an infected device — including passwords, search queries and messages sent via encrypted messaging apps — can be tracked and monitored.

Manufacturing 289

Manufacturing Spyware Surveillance Marketing 289

Bleeping Computer

NOVEMBER 13, 2021

The GravityRAT remote access trojan is being distributed in the wild again, this time under the guise of an end-to-end encrypted chat application called SoSafe Chat. [.].

Encryption 131

Encryption Spyware 131

Malwarebytes

MARCH 5, 2024

A California federal judge has ordered spyware maker NSO Group to hand over the code for Pegasus and other spyware products that were used to spy on WhatsApp users. During this time, NSO Group gained access to the users’ sensitive data, including encrypted messages. Things have developed since then.

Spyware 142

Spyware Government Mobile Encryption 142

Security Affairs

SEPTEMBER 14, 2023

The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group’s Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with NSO Group’s Pegasus spyware. The threat actors used a zero-click exploit, likely the PWNYOURHOME. ” reported Citizen Lab.

Spyware 129

Spyware Surveillance Media Government 129

Security Affairs

APRIL 16, 2024

Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign targeting South Asia with an Apple iOS spyware called LightSpy. ” reads the report published by BlackBerry.

Spyware 130

Spyware Mobile Malware Encryption 130

SecureList

JUNE 21, 2023

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest of the chain and obtaining the final spyware payload.

Spyware 145

Spyware Encryption Passwords Backups 145

Security Affairs

MARCH 27, 2021

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application. ” concludes the report.

Spyware 116

Spyware Malware Surveillance Mobile 116

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 124

Spyware Malware Mobile Marketing 124

Schneier on Security

JANUARY 24, 2020

That file shows an image of the Saudi Arabian flag and Swedish flags and arrived with an encrypted downloader. Because the downloader was encrypted this delayed or further prevented "study of the code delivered along with the video.". But the report doesn't indicate if that did get done.

Hacking 269

Hacking Backups Spyware Encryption 269

Security Affairs

DECEMBER 8, 2024

officials urge Americans to use encrypted apps amid unprecedented cyberattack The Great Pokmon Go Spy Panic Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,newsletter) warn of PRC-linked cyber espionage targeting telecom networks U.S.

Artificial Intelligence 101

Artificial Intelligence Spyware Hacking Ransomware 101

Security Affairs

AUGUST 15, 2020

The malware also implements ransomware behavior, it is able to encrypt files and display a ransom note. The post XCSSET Mac spyware spreads via Xcode Projects appeared first on Security Affairs. The malware also allows attackers to capture screenshots and exfiltrate stolen documents to the attackers’ server. Pierluigi Paganini.

Spyware 142

Spyware Malware Advertising Cryptocurrency 142

Security Affairs

OCTOBER 29, 2021

The Hive ransomware operators have developed a new variant of their malware that can encrypt Linux and FreeBSD. ESET researchers discovered a new Hive ransomware variant that was specifically developed to encrypt Linux and FreeBSD. The Hive ransomware adds the.hive extension to the filename of encrypted files. .

Encryption 135

Encryption Ransomware Spyware Malware 135

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware 103

Spyware Advertising Encryption Phishing 103

Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” states the analysis. The C&C URL 6.

Spyware 111

Spyware Advertising Malware Cryptocurrency 111

Heimadal Security

NOVEMBER 15, 2021

GravityRAT, a Remote Access Trojan, is being spread in the wild once more, this time disguised as SoSafe Chat, an end-to-end encrypted chat application. GravityRAT is a spyware-type of malware that enables threat actors to steal data from compromised machines. The trojan has […].

Encryption 98

Encryption Spyware Malware Cybersecurity 98

Security Affairs

NOVEMBER 24, 2021

federal court for illegally targeting its customers with the surveillance spyware Pegasus. The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. ” reads the announcement published by Apple.

Spyware 100

Spyware Surveillance Software Hacking 100

Dark Reading

SEPTEMBER 8, 2023

Legitimate-seeming Telegram "mods" available in the official Google Play store for the encrypted messaging app signal the rise of a new enterprise threat.

Spyware 128

Spyware Mobile Encryption 128

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. die3” to encrypt or decrypt data to and from the C&C. The post Experts spotted a rare Linux Desktop spyware dubbed EvilGnome appeared first on Security Affairs. ” reads the analysis published by Intezer. Pierluigi Paganini.

Spyware 109

Spyware Malware Advertising Cyber Attacks 109

Security Affairs

MARCH 11, 2019

In July, the experts discovered a new sophisticated version of the AZORult Spyware that was involved in a large email campaign on July 18. ” One of the variants analyzed by BleepingComputer encrypts data and appends the.promorad extension to encrypted files, then it creates ransom notes named _readme.txt as shown below.

Encryption 109

Encryption Ransomware Cryptocurrency Passwords 109

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. ” reads the Amnesty’s report.

Spyware 144

Spyware Surveillance Advertising Mobile 144

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. “ The police are given the opportunity to read encrypted communications. From March next year, it will be legal to intercept encrypted calls in mobiles, computers and video calls.”

Spyware 75

Spyware Government Surveillance Encryption 75

Malwarebytes

APRIL 11, 2024

Mercenary spyware is used by governments to target people like journalists, political activists, and similar targets, and involves the use of sophisticated tools like Pegasus. Pegasus is one of the world’s most advanced and invasive spyware tools, known to utilize zero-day vulnerabilities against mobile devices.

Spyware 131

Spyware Government Mobile Password Management 131

SecureWorld News

OCTOBER 31, 2024

Like vampires, malware strains can operate quietly, leeching data or encrypting files without warning, making ransomware and spyware infections incredibly haunting. Vampire malware: draining systems dry This malware creeps in undetected, draining resources and stealing data in the dark.

IoT 117

IoT Phishing DDOS Backups 117

SecureList

FEBRUARY 5, 2025

It encrypts data with AES-256 in CBC mode before sending and decrypts server responses with AES-128 in CBC mode. The process of sending data to “rust” consists of three stages: Data is encrypted with AES-256 in CBC mode using the same key as in the case of the “http” server.

Malware 138

Malware Encryption Mobile Cryptocurrency 138

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. Browsing History Stealer Payload — This payload collects Chrome’s browsing history and sends it to the C&C in an encrypted form.

Spyware 101

Spyware Adware Malware Accountability 101

Security Affairs

SEPTEMBER 4, 2018

The company that sells the parental control spyware app Family Orbit has been hacked, pictures of hundreds of monitored children were left online. The company that sells the parental control spyware app Family Orbit has been hacked, the pictures of hundreds of monitored children were left online only protected by a password.

Spyware 75

Spyware Hacking Data breaches Passwords 75

Security Affairs

NOVEMBER 24, 2024

Fake AI video generators infect Windows, macOS with infostealers How Italy became an unexpected spyware hub Babble Babble Babble Babble Babble Babble BabbleLoader One Sock Fits All: The use and abuse of the NSOCKS botnet Helldown Ransomware: an overview of this emerging threat Python NodeStealer Targets Facebook Ads Manager with New Techniques Chaotic-Based (..)

Malware 61

Malware Spyware Antivirus VPN 61

Security Boulevard

FEBRUARY 11, 2021

Hornbill and SunBird have sophisticated capabilities to exfiltrate SMS message content, encrypted messaging app content, geolocation, contact information, call logs, as well. The post Lookout Threat Researchers Discover State-Sponsored Android Spyware Connected to Confucius APT appeared first on Security Boulevard.

Spyware 69

Spyware Encryption 69

Security Affairs

FEBRUARY 9, 2025

Texas is the first state to ban DeepSeek on government devices Law enforcement seized the domains of HeartSender cybercrime marketplaces WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware Ransomware attack hit Indian multinational Tata Technologies International Press Newsletter Cybercrime FBI, Dutch Police Disrupt Manipulaters (..)

Spyware 59

Spyware Cybercrime Scams Social Engineering 59

Security Affairs

AUGUST 30, 2018

The BusyGasper Android spyware has been active since May 2016, it implements unusual features for this type of malware. We found no similarities to commercial spyware products or to other known spyware variants, which suggests BusyGasper is self-developed and used by a single threat actor.” ” continues Kaspersky.

Spyware 72

Spyware Malware Advertising Banking 72

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 67

Spyware Data breaches DNS Artificial Intelligence 67

Thales Cloud Protection & Licensing

NOVEMBER 24, 2020

Mitigating Ransomware Attacks – Decoupling Encryption Keys From Encrypted Data. Once the hackers gain an inside entry in an organisation’s IT systems, they deploy a file-encrypting malware known as ransomware. While front line defense mechanisms like firewalls, anti-theft, anti-spyware, etc. Wed, 11/25/2020 - 05:55.

Encryption 62

Encryption Ransomware Backups System Administration 62

Security Affairs

SEPTEMBER 10, 2023

Researchers from Kaspersky discovered several Telegram mods on the Google Play Store that contained spyware, the campaign was tracked as Evil Telegram. The collected information is then encrypted and cached into a temporary file named tgsync.s3. The app sends this temporary file to the command server at certain intervals.”

Spyware 135

Spyware Advertising Encryption Hacking 135

Security Affairs

DECEMBER 12, 2024

These documents suggest the existence of an iOS conversion of the spyware that has yet to be uncovered. The tool encrypts data before exfiltrate it to a command-and-control server. The researchers analyzed multiple samples of the malware and gained access to internal documents obtained from open directories on attacker infrastructure.

Surveillance 63

Surveillance Mobile Spyware Malware 63

Security Affairs

FEBRUARY 23, 2025

from Bybit, it is the largest cryptocurrency heist ever Apple removes iCloud encryption in UK following backdoor demand B1acks Stash released 1 Million credit cards U.S. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Lazarus APT stole $1.5B

Malware 64

Malware Scams Encryption Phishing 64