Malware and Surveillance - Cyber Security Informer

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Security Affairs

DECEMBER 12, 2024

Chinese law enforcement uses the mobile surveillance tool EagleMsgSpy to gather data from Android devices, as detailed by Lookout. Researchers at the Lookout Threat Lab discovered a surveillance tool, dubbed EagleMsgSpy, used by Chinese law enforcement to spy on mobile devices. ” reads the report published by Lookout.

Surveillance

Surveillance Mobile Spyware Malware

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports

Security Affairs

AUGUST 6, 2022

Greek intelligence admitted it had spied on a journalist, while citizens ask the government to reveal the use of surveillance malware. The head of the Greek intelligence told a parliamentary committee that they had spied on a journalist with surveillance malware , Reuters reported citing two sources present.

Surveillance

Surveillance Malware Spyware Government

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. Then he requested help from Amnesty Internationals Security Lab fearing to be the target of surveillance software like other journalists in Serbia. Development traces back to at least 2018.

Spyware

Spyware Surveillance Technology Mobile

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Security Affairs

DECEMBER 23, 2024

Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software. NSOs witnesses have refused to answer whether it developed further WhatsApp-based Malware Vectors thereafter.

Spyware

Spyware Surveillance Software Hacking

US NCSC and DoS share best practices against surveillance tools

Security Affairs

JANUARY 9, 2022

The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. In the last years, we have reported several cases of companies selling commercial surveillance tools to governments and other entities that have used them for malicious purposes. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Malware

China officially condemns Pegasus spyware surveillance and accuses US

CyberSecurity Insiders

JULY 22, 2021

Chine Foreign Ministry has issued a public statement condemning the distribution and usage of Pegasus Spyware surveillance software by various countries. Now, to those uninitiated, Israel-based NSO Group developed Pegasus surveillance software that was meant for government organizations to spy on criminal suspects.

Surveillance

Surveillance Spyware Software Government

Privacy Roundup: Week 3 of Year 2025

Security Boulevard

JANUARY 20, 2025

Inside the Black Box of Predictive Travel Surveillance Wired Covers the use of powerful surveillance technology in predicting who might be a "threat." Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw).

Surveillance

Surveillance Malware Data breaches Scams

Google updates policies to ban any ads for surveillance solutions and services

Security Affairs

JULY 12, 2020

Google announced that starting from August it will update its policies to reject ads proposed by organizations offering surveillance software. The move aims at fighting the advertising of any form of surveillance. The tech giant announced that the update will be effective starting from August 11, 2020. Pierluigi Paganini.

Surveillance

Surveillance Spyware Advertising Marketing

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite). reads the court document.

Spyware

Spyware Hacking Surveillance Malware

New Screenshotter Malware Performs Surveillance Before Stealing Data

Heimadal Security

FEBRUARY 10, 2023

A new custom-made malware, the Screenshotter, surveils the victims before stealing data. The threat actor called TA886 is utilizing this malware to target users from the United States and Germany. Researchers first spotted the campaign in October 2022, but its activity increased in 2023.

Surveillance

Surveillance Malware Cybersecurity

'Stealth Soldier' Attacks Target Libyan Government Entities With Surveillance Malware

Dark Reading

JUNE 12, 2023

Surveillance malware targets Libyan government entities, with possible links to a 2019 Egypt attack campaign.

Surveillance

Surveillance Government Malware

White hat hackers gained access more than 150,000 surveillance cameras

Security Affairs

MARCH 10, 2021

A group of hackers claimed to have compromised more than 150,000 surveillance cameras at banks, jails, schools, and prominent companies like Tesla and Equinox. Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag. SecurityAffairs – hacking, surveillance cameras).

Surveillance

Surveillance Hacking Banking Firmware

EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool

Penetration Testing

DECEMBER 11, 2024

Researchers at the Lookout Threat Lab have identified a sophisticated surveillance tool, dubbed EagleMsgSpy, reportedly used by law enforcement agencies in mainland China. The tool, operational since at least 2017,... The post EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool appeared first on Cybersecurity News.

Surveillance

Surveillance Cybersecurity Spyware Malware

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

Security Affairs

AUGUST 28, 2022

Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian, it offers surveillance and hacking solution to law enforcement and intelligence agencies. Pierluigi Paganini.

Surveillance

Surveillance Spyware Mobile Hacking

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Security Affairs

MAY 1, 2023

Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers. Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). continues the report.

Surveillance

Surveillance Malware Spyware Accountability

Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer

Schneier on Security

JUNE 23, 2021

To evade detection, the malware makes use of the company’s so-called “invisible low stealth technology” and its Android product is advertised as having “low data and battery consumption” to prevent people from suspecting their phone or tablet has been infected.

Manufacturing

Manufacturing Spyware Surveillance Marketing

Massive iPhone Hack Targets Uyghurs

Schneier on Security

SEPTEMBER 3, 2019

China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. Earlier this year, Google's Project Zero found a series of websites that have been using zero-day vulnerabilities to indiscriminately install malware on iPhones that would visit the site. The vulnerabilities were patched in iOS 12.1.4,

Hacking

Hacking Surveillance Malware Government

ScarCruft surveilling North Korean defectors and human rights activists

SecureList

NOVEMBER 29, 2021

The victim was infected by PowerShell malware and we discovered evidence that the actor had already stolen data from the victim and had been surveilling this victim for several months. Based on the findings from the compromised machine, we discovered additional malware. Contact: intelreports@kaspersky.com.

Surveillance

Surveillance Malware Phishing Encryption

Netgear Routers' Flaws Expose Users to Malware, Remote Attacks, and Surveillance

The Hacker News

MAY 12, 2023

Successful exploits could allow attackers to monitor users' internet activity, hijack internet connections, and redirect traffic to malicious websites or inject malware into network traffic," Claroty security researcher Uri Katz said in a

Surveillance

Surveillance Malware Internet Internet

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT ( DCRat ). The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

Is the Belarusian government behind the surveillance Android app banned by Google?

Security Affairs

SEPTEMBER 3, 2020

According to an anonymous Belarusian security researcher the app was designed for surveillance purposes, it collects info on the device owner and geolocation data, then periodically sends the data back to a remote server. The post Is the Belarusian government behind the surveillance Android app banned by Google? site (89.223.89[.]47).”

Surveillance

Surveillance Government Advertising Malware

Windows Boot Manager Hijacked by FinFisher Malware

Heimadal Security

SEPTEMBER 29, 2021

The FinFisher surveillance solution was developed by the Gamma Group but it also comes with malware-like capabilities often found in spyware strains. The post Windows Boot Manager Hijacked by FinFisher Malware appeared first on Heimdal Security Blog. Researchers Investigated […].

Malware

Malware Spyware Surveillance Government

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

According to rumors, the Polish special services are using surveillance software to spy on government opponents. In June 2022, the controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region.

Spyware

Spyware Government Surveillance Hacking

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Telecommunications

LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities

The Hacker News

JUNE 7, 2024

The findings come from both Huntress Labs and ThreatFabric, which separately analyzed the artifacts associated with the cross-platform malware framework that likely possesses capabilities to infect Android, iOS, Windows, macOS,

Spyware

Spyware Surveillance Malware Cybersecurity

Ferocious Kitten: 6 years of covert surveillance in Iran

SecureList

JUNE 16, 2021

The malware dropped from the aforementioned document is dubbed ‘MarkiRAT’ and used to record keystrokes, clipboard content, provide file download and upload capabilities as well as the ability to execute arbitrary commands on the victim machine. Background. Analysis of MarkiRAT. hxxp://C2/ech/client.php?u=[computername]_[username]&k=[AV_value].

Surveillance

Surveillance Malware Password Management Passwords

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Spyware

Spyware Surveillance Telecommunications Mobile

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. ” concludes Citizen Lab.

Spyware

Spyware Surveillance Malware Government

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Security Affairs

SEPTEMBER 16, 2024

The IT giant fears that the disclosures of its threat intelligence related to commercial spyware operations could aid NSO and other surveillance firms. federal court for illegally targeting its customers with the surveillance spyware Pegasus. ” reads the court filing.

Surveillance

Surveillance Spyware Risk Hacking

RemcosRAT Malware Is Targeting African Banks

Heimadal Security

APRIL 14, 2022

This RAT can be used for a variety of reasons, including surveillance and penetration testing, and has even been employed in hacking campaigns in […]. The post RemcosRAT Malware Is Targeting African Banks appeared first on Heimdal Security Blog.

Banking

Banking Penetration Testing Malware Surveillance

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. Bazar is a lesser known spelling of Bazaar.” ” reads the report published by Lookout.

Surveillance

Surveillance Spyware Malware Mobile

Operation Spalax, an ongoing malware campaign targeting Colombian entities

Security Affairs

JANUARY 14, 2021

Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian government institutions and private companies. Malware researchers from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian entities exclusively. Pierluigi Paganini.

Malware

Malware Surveillance Phishing Government

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Security Affairs

MARCH 13, 2025

North Korea-linked threat actor ScarCruft (aka APT37 , Reaper, and Group123) is behind a previously undetected Android surveillance tool namedKoSpythat was used to target Korean and English-speaking users. The researchers state that the threat is a relatively new malware family with early samples going back to March 2022.

Spyware

Spyware Surveillance Encryption Malware

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Security Affairs

APRIL 8, 2025

In February, Meta announced that it had discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite). The company confirmed that the issue was fixed in December 2024 without a client-side update, and no CVE-ID was assigned.

Spyware

Spyware Media Hacking Surveillance

Mobile Security companies are lining up for protection against Pegasus Malware

CyberSecurity Insiders

AUGUST 26, 2021

As the Pegasus malware nuisance is slowly found politically gripping the entire world, companies offering security solutions to mobile users are getting busy in finding out a solution that helps protect against the infection repercussions caused by the Pegasus Malware.

Mobile

Mobile Malware Surveillance Software

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

Security Affairs

APRIL 17, 2023

The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,

Surveillance

Surveillance Spyware Education Media

Apple fixed the first actively exploited zero-day of 2025

Security Affairs

JANUARY 27, 2025

Usually, such kinds of vulnerabilities are exploited by nation-state actors or commercial surveillance spyware vendors in targeted attacks. As usual, the company did not share details regarding the attacks exploiting the flaw. Customers are recommended to install the security updates released by the company.

Spyware

Spyware Surveillance Media Hacking

APT28 targets key networks in Europe with HeadLace malware

Security Affairs

JUNE 3, 2024

Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. In December 2023, researchers from Proofpoint and IBM detailed a new wave of APT spear-phishing attacks relying on multiple lure content to deliver Headlace malware.

Malware

Malware Phishing Surveillance Internet

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Russian intelligence agencies could use these exploits for surveillance and espionage purposes. Strategic Cyber Warfare In geopolitical conflicts, access to Telegram accounts and devices could provide military and intelligence advantages, such as intercepting sensitive communications, and identifying informants.

Government

Government Surveillance Mobile Hacking

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs

MAY 10, 2020

Attackers confirmed that attackers compromised the IT network of the company and deployed some of its machines with malware that was used to exfiltrate data from the infected devices. “Stadler internal surveillance services found out that the company’s IT network has been attacked by malware which has most likely led to a data leak.

Manufacturing

Manufacturing Malware Data breaches Cyber Attacks

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Security Affairs

FEBRUARY 26, 2025

The malware also grants attackers access to the devices system, enabling them to retrieve user KeyChain data, device lists, and execute shell commands, potentially gaining full control over the device. . “This is the first reference we are aware of Facebook and Instagram database targeting within LightSpy’s command structure.

Data collection

Data collection Spyware Media Surveillance

Russian National pleads guilty to conspiracy to plant malware on Tesla systems

Security Affairs

MARCH 19, 2021

The Russian national who attempted to convince a Tesla employee to plant malware on Tesla systems has pleaded guilty. Justice Department announced on Thursday that the Russian national Egor Igorevich Kriuchkov (27), who attempted to convince a Tesla employee to install malware on the company’s computers, has pleaded guilty.

Malware

Malware Surveillance Hacking Technology

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Hurd Wayne Hurd , VP of Sales, Luminys Video Surveillance as a Service (VSaaS) advancements will provide more accurate threat detection that allows security teams to focus on real risks, minimizing false alarms. Security teams will need to address the unique risks posed using LLMs in mission critical environments.

Cyber threats

Cyber threats CISO IoT Phishing

Android “System Update” malware steals photos, videos, GPS location

Malwarebytes

APRIL 1, 2021

A newly discovered piece of Android malware shares the same capabilities found within many modern stalkerware-type apps—it can swipe images and video, rifle through online searches, record phone calls and video, and peer into GPS location data—but the infrastructure behind the malware obscures its developer’s primary motivations.

Malware

Malware Spyware Advertising Surveillance

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports

Webinars

Trending Sources

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Webinars

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

US NCSC and DoS share best practices against surveillance tools

China officially condemns Pegasus spyware surveillance and accuses US

Privacy Roundup: Week 3 of Year 2025

Google updates policies to ban any ads for surveillance solutions and services

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

New Screenshotter Malware Performs Surveillance Before Stealing Data

'Stealth Soldier' Attacks Target Libyan Government Entities With Surveillance Malware

White hat hackers gained access more than 150,000 surveillance cameras

EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer

Massive iPhone Hack Targets Uyghurs

ScarCruft surveilling North Korean defectors and human rights activists

Netgear Routers' Flaws Expose Users to Malware, Remote Attacks, and Surveillance

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Is the Belarusian government behind the surveillance Android app banned by Google?

Windows Boot Manager Hijacked by FinFisher Malware

Poland probes Pegasus spyware abuse under the PiS government

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities

Ferocious Kitten: 6 years of covert surveillance in Iran

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

RemcosRAT Malware Is Targeting African Banks

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Operation Spalax, an ongoing malware campaign targeting Colombian entities

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Mobile Security companies are lining up for protection against Pegasus Malware

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

Apple fixed the first actively exploited zero-day of 2025

APT28 targets key networks in Europe with HeadLace malware

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Russian National pleads guilty to conspiracy to plant malware on Tesla systems

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Android “System Update” malware steals photos, videos, GPS location

Stay Connected