Malware and Surveillance - Cyber Security Informer

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Security Affairs

DECEMBER 12, 2024

Chinese law enforcement uses the mobile surveillance tool EagleMsgSpy to gather data from Android devices, as detailed by Lookout. Researchers at the Lookout Threat Lab discovered a surveillance tool, dubbed EagleMsgSpy, used by Chinese law enforcement to spy on mobile devices. ” reads the report published by Lookout.

Surveillance

Surveillance Mobile Spyware Malware

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. Then he requested help from Amnesty Internationals Security Lab fearing to be the target of surveillance software like other journalists in Serbia. Development traces back to at least 2018.

Spyware

Spyware Surveillance Technology Mobile

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Security Affairs

DECEMBER 23, 2024

Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software. NSOs witnesses have refused to answer whether it developed further WhatsApp-based Malware Vectors thereafter.

Spyware

Spyware Surveillance Software Hacking

US NCSC and DoS share best practices against surveillance tools

Security Affairs

JANUARY 9, 2022

The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. In the last years, we have reported several cases of companies selling commercial surveillance tools to governments and other entities that have used them for malicious purposes. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Malware

China officially condemns Pegasus spyware surveillance and accuses US

CyberSecurity Insiders

JULY 22, 2021

Chine Foreign Ministry has issued a public statement condemning the distribution and usage of Pegasus Spyware surveillance software by various countries. Now, to those uninitiated, Israel-based NSO Group developed Pegasus surveillance software that was meant for government organizations to spy on criminal suspects.

Surveillance

Surveillance Spyware Software Government

Privacy Roundup: Week 3 of Year 2025

Security Boulevard

JANUARY 20, 2025

Inside the Black Box of Predictive Travel Surveillance Wired Covers the use of powerful surveillance technology in predicting who might be a "threat." Vulnerabilities and Malware Primarily includes severe and exploited vulnerabilities in devices or software used by end users (ex: a major router firmware flaw).

Surveillance

Surveillance Malware Data breaches Scams

Google updates policies to ban any ads for surveillance solutions and services

Security Affairs

JULY 12, 2020

Google announced that starting from August it will update its policies to reject ads proposed by organizations offering surveillance software. The move aims at fighting the advertising of any form of surveillance. The tech giant announced that the update will be effective starting from August 11, 2020. Pierluigi Paganini.

Surveillance

Surveillance Spyware Advertising Marketing

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

Meta announced the disruption of a malware campaign via WhatsApp that targeted journalists with the Paragon spyware. Meta announced that discovered and dismantled a malware campaign via WhatsApp that targeted journalists and civil society members with the Paragon spyware (aka Graphite). reads the court document.

Spyware

Spyware Hacking Surveillance Malware

New Screenshotter Malware Performs Surveillance Before Stealing Data

Heimadal Security

FEBRUARY 10, 2023

A new custom-made malware, the Screenshotter, surveils the victims before stealing data. The threat actor called TA886 is utilizing this malware to target users from the United States and Germany. Researchers first spotted the campaign in October 2022, but its activity increased in 2023.

Surveillance

Surveillance Malware Cybersecurity

'Stealth Soldier' Attacks Target Libyan Government Entities With Surveillance Malware

Dark Reading

JUNE 12, 2023

Surveillance malware targets Libyan government entities, with possible links to a 2019 Egypt attack campaign.

Surveillance

Surveillance Government Malware

White hat hackers gained access more than 150,000 surveillance cameras

Security Affairs

MARCH 10, 2021

A group of hackers claimed to have compromised more than 150,000 surveillance cameras at banks, jails, schools, and prominent companies like Tesla and Equinox. Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag. SecurityAffairs – hacking, surveillance cameras).

Surveillance

Surveillance Hacking Banking Firmware

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT ( DCRat ). The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Security Affairs

MAY 1, 2023

Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers. Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). continues the report.

Surveillance

Surveillance Malware Spyware Accountability

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

Security Affairs

AUGUST 28, 2022

Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian, it offers surveillance and hacking solution to law enforcement and intelligence agencies. Pierluigi Paganini.

Surveillance

Surveillance Spyware Mobile Hacking

Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer

Schneier on Security

JUNE 23, 2021

To evade detection, the malware makes use of the company’s so-called “invisible low stealth technology” and its Android product is advertised as having “low data and battery consumption” to prevent people from suspecting their phone or tablet has been infected.

Manufacturing

Manufacturing Spyware Surveillance Marketing

Massive iPhone Hack Targets Uyghurs

Schneier on Security

SEPTEMBER 3, 2019

China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. Earlier this year, Google's Project Zero found a series of websites that have been using zero-day vulnerabilities to indiscriminately install malware on iPhones that would visit the site. The vulnerabilities were patched in iOS 12.1.4,

Hacking

Hacking Surveillance Malware Government

EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool

Penetration Testing

DECEMBER 11, 2024

Researchers at the Lookout Threat Lab have identified a sophisticated surveillance tool, dubbed EagleMsgSpy, reportedly used by law enforcement agencies in mainland China. The tool, operational since at least 2017,... The post EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool appeared first on Cybersecurity News.

Surveillance

Surveillance Cybersecurity Spyware Malware

German authorities raid the offices of the FinFisher surveillance firm

Security Affairs

OCTOBER 14, 2020

Earlier this month, German authorities have raided the offices of FinFisher, the German surveillance software firm, accused of providing its software to oppressive regimes. The post German authorities raid the offices of the FinFisher surveillance firm appeared first on Security Affairs. Pierluigi Paganini.

Surveillance

Surveillance Spyware Advertising Software

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. The group targets entities in Europe and Central America with a surveillance tool dubbed Subzero. SecurityAffairs – hacking, Subzero malware). ” concludes Microsoft. Pierluigi Paganini.

Surveillance

Surveillance Malware Authentication Accountability

Netgear Routers' Flaws Expose Users to Malware, Remote Attacks, and Surveillance

The Hacker News

MAY 12, 2023

Successful exploits could allow attackers to monitor users' internet activity, hijack internet connections, and redirect traffic to malicious websites or inject malware into network traffic," Claroty security researcher Uri Katz said in a

Surveillance

Surveillance Malware Internet Internet

Is the Belarusian government behind the surveillance Android app banned by Google?

Security Affairs

SEPTEMBER 3, 2020

According to an anonymous Belarusian security researcher the app was designed for surveillance purposes, it collects info on the device owner and geolocation data, then periodically sends the data back to a remote server. The post Is the Belarusian government behind the surveillance Android app banned by Google? site (89.223.89[.]47).”

Surveillance

Surveillance Government Advertising Malware

Windows Boot Manager Hijacked by FinFisher Malware

Heimadal Security

SEPTEMBER 29, 2021

The FinFisher surveillance solution was developed by the Gamma Group but it also comes with malware-like capabilities often found in spyware strains. The post Windows Boot Manager Hijacked by FinFisher Malware appeared first on Heimdal Security Blog. Researchers Investigated […].

Malware

Malware Spyware Surveillance Government

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

According to rumors, the Polish special services are using surveillance software to spy on government opponents. In June 2022, the controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region.

Spyware

Spyware Government Surveillance Hacking

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Security Affairs

MARCH 13, 2025

North Korea-linked threat actor ScarCruft (aka APT37 , Reaper, and Group123) is behind a previously undetected Android surveillance tool namedKoSpythat was used to target Korean and English-speaking users. The researchers state that the threat is a relatively new malware family with early samples going back to March 2022.

Spyware

Spyware Surveillance Encryption Malware

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Telecommunications

LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities

The Hacker News

JUNE 7, 2024

The findings come from both Huntress Labs and ThreatFabric, which separately analyzed the artifacts associated with the cross-platform malware framework that likely possesses capabilities to infect Android, iOS, Windows, macOS,

Spyware

Spyware Surveillance Malware Cybersecurity

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Russian intelligence agencies could use these exploits for surveillance and espionage purposes. Strategic Cyber Warfare In geopolitical conflicts, access to Telegram accounts and devices could provide military and intelligence advantages, such as intercepting sensitive communications, and identifying informants.

Government

Government Surveillance Mobile Hacking

Ferocious Kitten: 6 years of covert surveillance in Iran

SecureList

JUNE 16, 2021

The malware dropped from the aforementioned document is dubbed ‘MarkiRAT’ and used to record keystrokes, clipboard content, provide file download and upload capabilities as well as the ability to execute arbitrary commands on the victim machine. Background. Analysis of MarkiRAT. hxxp://C2/ech/client.php?u=[computername]_[username]&k=[AV_value].

Surveillance

Surveillance Malware Password Management Passwords

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Spyware

Spyware Surveillance Telecommunications Mobile

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. ” concludes Citizen Lab.

Spyware

Spyware Surveillance Malware Government

RemcosRAT Malware Is Targeting African Banks

Heimadal Security

APRIL 14, 2022

This RAT can be used for a variety of reasons, including surveillance and penetration testing, and has even been employed in hacking campaigns in […]. The post RemcosRAT Malware Is Targeting African Banks appeared first on Heimdal Security Blog.

Banking

Banking Penetration Testing Malware Surveillance

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Security Affairs

SEPTEMBER 16, 2024

The IT giant fears that the disclosures of its threat intelligence related to commercial spyware operations could aid NSO and other surveillance firms. federal court for illegally targeting its customers with the surveillance spyware Pegasus. ” reads the court filing.

Surveillance

Surveillance Spyware Risk Hacking

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. Bazar is a lesser known spelling of Bazaar.” ” reads the report published by Lookout.

Surveillance

Surveillance Spyware Malware Mobile

Operation Spalax, an ongoing malware campaign targeting Colombian entities

Security Affairs

JANUARY 14, 2021

Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian government institutions and private companies. Malware researchers from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax , against Colombian entities exclusively. Pierluigi Paganini.

Malware

Malware Surveillance Phishing Government

EU officials were targeted with Israeli surveillance software

Security Affairs

APRIL 13, 2022

According to a report published by Reuters, an Israeli surveillance software was used to spy on senior officials in the European Commission. ” NSO sent a statement to Reuters to exclude the involvement of its surveillance tools in the attacks reported by the agency. Follow me on Twitter: @securityaffairs and Facebook.

Surveillance

Surveillance Software Spyware Hacking

Mobile Security companies are lining up for protection against Pegasus Malware

CyberSecurity Insiders

AUGUST 26, 2021

As the Pegasus malware nuisance is slowly found politically gripping the entire world, companies offering security solutions to mobile users are getting busy in finding out a solution that helps protect against the infection repercussions caused by the Pegasus Malware.

Mobile

Mobile Malware Surveillance Software

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

Security Affairs

APRIL 17, 2023

The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,

Surveillance

Surveillance Spyware Education Media

Security of Health Information

Schneier on Security

MARCH 5, 2020

To do so, they are using a variety of digital communications and surveillance systems. Numerous health surveillance systems are monitoring the spread of COVID-19 cases, including the CDC's influenza surveillance network. This includes cybersecurity, security, risk management, surveillance, and containment measures.

Surveillance

Surveillance Hacking Government Risk

APT28 targets key networks in Europe with HeadLace malware

Security Affairs

JUNE 3, 2024

Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. In December 2023, researchers from Proofpoint and IBM detailed a new wave of APT spear-phishing attacks relying on multiple lure content to deliver Headlace malware.

Malware

Malware Phishing Surveillance Internet

Apple fixed the first actively exploited zero-day of 2025

Security Affairs

JANUARY 27, 2025

Usually, such kinds of vulnerabilities are exploited by nation-state actors or commercial surveillance spyware vendors in targeted attacks. As usual, the company did not share details regarding the attacks exploiting the flaw. Customers are recommended to install the security updates released by the company.

Spyware

Spyware Surveillance Media Hacking

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs

MAY 10, 2020

Attackers confirmed that attackers compromised the IT network of the company and deployed some of its machines with malware that was used to exfiltrate data from the infected devices. “Stadler internal surveillance services found out that the company’s IT network has been attacked by malware which has most likely led to a data leak.

Manufacturing

Manufacturing Malware Data breaches Cyber Attacks

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Security Affairs

FEBRUARY 26, 2025

The malware also grants attackers access to the devices system, enabling them to retrieve user KeyChain data, device lists, and execute shell commands, potentially gaining full control over the device. . “This is the first reference we are aware of Facebook and Instagram database targeting within LightSpy’s command structure.

Data collection

Data collection Spyware Media Surveillance

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Hurd Wayne Hurd , VP of Sales, Luminys Video Surveillance as a Service (VSaaS) advancements will provide more accurate threat detection that allows security teams to focus on real risks, minimizing false alarms. Security teams will need to address the unique risks posed using LLMs in mission critical environments.

Cyber threats

Cyber threats CISO IoT Phishing

Russian National pleads guilty to conspiracy to plant malware on Tesla systems

Security Affairs

MARCH 19, 2021

The Russian national who attempted to convince a Tesla employee to plant malware on Tesla systems has pleaded guilty. Justice Department announced on Thursday that the Russian national Egor Igorevich Kriuchkov (27), who attempted to convince a Tesla employee to install malware on the company’s computers, has pleaded guilty.

Malware

Malware Surveillance Hacking Technology

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Trending Sources

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

US NCSC and DoS share best practices against surveillance tools

China officially condemns Pegasus spyware surveillance and accuses US

Privacy Roundup: Week 3 of Year 2025

Google updates policies to ban any ads for surveillance solutions and services

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

New Screenshotter Malware Performs Surveillance Before Stealing Data

'Stealth Soldier' Attacks Target Libyan Government Entities With Surveillance Malware

White hat hackers gained access more than 150,000 surveillance cameras

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

Mollitiam Industries is the Newest Cyberweapons Arms Manufacturer

Massive iPhone Hack Targets Uyghurs

EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool

German authorities raid the offices of the FinFisher surveillance firm

European firm DSIRF behind the attacks with Subzero surveillance malware

Netgear Routers' Flaws Expose Users to Malware, Remote Attacks, and Surveillance

Is the Belarusian government behind the surveillance Android app banned by Google?

Windows Boot Manager Hijacked by FinFisher Malware

Poland probes Pegasus spyware abuse under the PiS government

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Ferocious Kitten: 6 years of covert surveillance in Iran

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

RemcosRAT Malware Is Targeting African Banks

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Operation Spalax, an ongoing malware campaign targeting Colombian entities

EU officials were targeted with Israeli surveillance software

Mobile Security companies are lining up for protection against Pegasus Malware

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

Security of Health Information

APT28 targets key networks in Europe with HeadLace malware

Apple fixed the first actively exploited zero-day of 2025

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Russian National pleads guilty to conspiracy to plant malware on Tesla systems

Stay Connected