Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. Since 2011 it was employed in attacks aimed at Human Rights Defenders (HRDs) in many countries, including Bahrain, Ethiopia, UAE, and more.

Spyware 138

Spyware Surveillance Mobile Advertising 138

Malwarebytes

APRIL 11, 2023

The term was first used by Brian Krebs in 2011 after a proof of concept was conducted at DEF CON by Wall of Sheep. There are many categories of malware that cybercriminals could install through juice jacking, including adware, cryptominers, ransomware, spyware, or Trojans.

Mobile 98

Mobile Banking Malware Spyware 98

Security Affairs

MARCH 27, 2023

The threat actor abused Bitly shortener and an ad hoc BlogSpot account to protect the malicious code, lastly stored in an encrypted zip archive hosted on Mega.nz. Lower.exe, a sample of “GCleaner” spyware, historically, this piece of malware was initially faking CCleaner to drop additional malware ( link ).

Malware 81

Malware Social Engineering Encryption Marketing 81

SecureList

SEPTEMBER 28, 2021

Kaspersky has been tracking deployments of this spyware since 2011. Both of them are encrypted with RC4. All communications between the server are encrypted with RC4. The Trojan’s Cryptography Library to encrypt/decrypt exchanged data. The encrypted VFS file. Names differ between samples.

Encryption 141

Encryption Malware Spyware Architecture 141

SecureList

MARCH 1, 2021

The word “covid” in various combinations was typically used in the names of packages hiding spyware and banking Trojans, adware or Trojan droppers. This is a typical example of the kind of old-school text-message scams that were popular in 2011 and 2012. Pandemic theme in mobile threats. apk and coviddetect.apk.

Mobile 132

Mobile Malware Adware Banking 132

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. We have discovered new evidence showing that Domestic Kitten has been using PE executables to target victims using Windows since at least 2013, with some evidence that it goes back to 2011.

Malware 138

Malware Spyware Government Social Engineering 138

Herjavec Group

AUGUST 26, 2021

2008 — Heartland Payment Systems — 134 million credit cards are exposed through SQL injection to install spyware on Heartland’s data systems. 2011 — Sony Pictures — A hack of Sony’s data storage exposes the records of over 100 million customers using their PlayStation’s online services. Dozens of individuals are charged. .

Cybercrime 135

Cybercrime Computers and Electronics Banking Hacking 135