2014, Hacking, Malware and Spyware - Cyber Security Informer

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Security Affairs

FEBRUARY 6, 2024

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. Out of the 72 known in-the-wild 0-day exploits targeting Google products since mid-2014, 35 of them were used by CSVs. Google hopes this report will serve as a call to action. ” concludes Google.

Spyware

Spyware Surveillance Government Software

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware

Spyware Surveillance Mobile Malware

Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware

Malware Phishing Spyware Cyber threats

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

XCSSET Mac spyware spreads via Xcode Projects

Security Affairs

AUGUST 15, 2020

A new Mac malware, tracked as XCSSET, spreads through Xcode projects and exploits two zero-day vulnerabilities, experts warn. XCSSET is a new Mac malware that spreads through Xcode projects and exploits two zero-day vulnerabilities to steal sensitive information from target systems and launch ransomware attacks.

Spyware

Spyware Malware Advertising Cryptocurrency

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. SecurityAffairs – hacking, APT32).

Spyware

Spyware Surveillance Government Phishing

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Mobile Advertising

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Computers and Electronics Spyware Advertising

Experts found Joker Spyware in 24 apps in the Google Play store

Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” continues the expert. ” states the analysis.

Spyware

Spyware Advertising Malware Cryptocurrency

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware

Malware Advertising Marketing System Administration

Mandrake, a high sophisticated Android spyware used in targeted attacks

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. ” continues the report.

Spyware

Spyware Malware Advertising Banking

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware

Spyware Mobile Advertising Architecture

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware

Spyware Advertising Encryption Phishing

New Shlayer Mac malware spreads via poisoned search engine results

Security Affairs

JUNE 21, 2020

Shlayer Mac malware is back, the Mac threat is now spreading through new black SEO operations. Researchers spotted a new version of the Shlayer Mac malware that is spreading via poisoned Google search results. The malware can be used to download other malicious payloads, including malware or adware. up to 10.14.3.

Engineering

Engineering Malware Adware Antivirus

Exodus, a government malware that infected innocent victims

Security Affairs

MARCH 30, 2019

Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. The malware was tracked as Exodus, after the name of the command and control servers the malicious apps connected to.

Government

Government Malware Spyware Surveillance

Regin spyware involved in attack against the Russian tech giant Yandex

Security Affairs

JUNE 28, 2019

Allegedly Western nation-state actors breached the systems of Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware. According to the Reuters, Western state-sponsored hackers breached the systems of the Russian tech giant Yandex in 2018, the attack involved a new variant of the Regin malware.

Spyware

Spyware Malware Advertising Authentication

Joker malware still able to bypass Google Play Store checks

Security Affairs

FEBRUARY 22, 2020

The infamous Joker malware has found a way to bypass the security checks to be published in the official Play Store, new clicker was found by experts. The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. wpaper com. vailsmsplus.

Malware

Malware Spyware Advertising Mobile

North Korea-Linked APT Group Kimsuky spotted using new malware

Security Affairs

NOVEMBER 2, 2020

North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used Backdating, or timestomping to thwart analysis attempts (anti-forensics).

Malware

Malware Spyware Advertising Government

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. Researchers from Kaspersky have spotted a UEFI malware that was involved in attacks on organizations with an interest in North Korea. SecurityAffairs – hacking, UEFI).

Firmware

Firmware Spyware Surveillance Hacking

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

Experts uncovered a new Coronavirus (COVID-19 ) -themed campaign that is distributing a malware downloader that delivers the FormBook information-stealing Trojan. Experts at MalwareHunterTeam uncovered a new malspam campaign exploiting the fear in the Coronavirus (COVID-19) to deliver malware. states the analysis published by FireEye.

Malware

Malware Scams Social Engineering Phishing

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Mobile Advertising

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Security Affairs

JULY 18, 2019

Intezer spotted a new piece of Linux malware dubbed EvilGnome because it disguises as a Gnome extension. The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The attack starts with spear-phishing emails containing weaponized attachments, the malware is distributed via Russian hosting providers.

Spyware

Spyware Malware Advertising Cyber Attacks

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Passwords

Passwords Spyware VPN Malware

New Android BlackRock malware targets hundreds of apps

Security Affairs

JULY 16, 2020

Researchers spotted a new Android banking trojan dubbed BlackRock malware that steals credentials and credit card data from hundreds of apps. The BlackRock malware borrows the code from the Xerxes banking malware, which is a strain of the popular LokiBot Android trojan.

Malware

Malware Banking Mobile Spyware

Joker malware apps bypassed Google’s Play Store security checks

Security Affairs

JULY 9, 2020

Check Point research discovered that the Joker (aka Bread) Android malware once again has bypassed protections implemented by Google for its Play Store. “Check Point’s researchers recently discovered a new variant of the Joker Dropper and Premium Dialer spyware in Google Play. . SecurityAffairs – hacking, Joker).

Malware

Malware Spyware Mobile Advertising

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Security Affairs

JULY 25, 2019

Researchers at Lookout discovered a new mobile spyware dubbed Monokle that was developed by a Russian defense contractor. Experts at Lookout discovered a new Android mobile spyware in the wild, dubbed Monokle, that was developed by a Russian defense contractor named Special Technology Centre Ltd. ( Pierluigi Paganini.

Spyware

Spyware Surveillance Mobile Advertising

Google removed 1.7K+ Joker Malware infected apps from its Play Store

Security Affairs

JANUARY 12, 2020

Google revealed it successfully removed more than 1,700 apps from the Play Store over the past three years that had been infected with the Joker malware. Google provided technical details of its activity against the Joker malware (aka Bread) operation during the last few years.

Malware

Malware Spyware Advertising Mobile

The Belgacom hack was the work of the UK GCHQ intelligence agency

Security Affairs

OCTOBER 28, 2018

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack.

Hacking

Hacking Spyware Telecommunications Malware

Google updates policies to ban any ads for surveillance solutions and services

Security Affairs

JULY 12, 2020

. “In August 2020, the Google Ads Enabling Dishonest Behavior policy will be updated to clarify restrictions on advertising for spyware and surveillance technology.”reads Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Surveillance

Surveillance Spyware Advertising Marketing

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – scranos malware, malware).

Spyware

Spyware Adware Malware Accountability

SimJacker attack allows hacking any phone with just an SMS

Security Affairs

SEPTEMBER 12, 2019

“The main Simjacker attack involves an SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the SIM Card within the phone to ‘take over’ the mobile phone to retrieve and perform sensitive commands.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Mobile Spyware Manufacturing

Spearphishing attacks hit the oil and gas industry sector

Security Affairs

APRIL 21, 2020

Hackers launched spear-phishing attacks against organizations in the oil and gas industry sector spreading the Agent Tesla info-stealer malware. The attacks aim at infecting victims with the infamous Agent Tesla info-stealer malware. To do this, the spyware creates different threads and timer functions in the main function.

Spyware

Spyware Manufacturing Malware Engineering

Security Affairs newsletter Round 269

Security Affairs

JUNE 21, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, newsletter). A new round of the weekly SecurityAffairs newsletter arrived! authorities sanction six Nigerian nationals for BEC and Romance Fraud.

DDOS

DDOS Spyware Mobile Advertising

German authorities raid the offices of the FinFisher surveillance firm

Security Affairs

OCTOBER 14, 2020

In September, Amnesty International uncovered a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of the infamous FinSpy surveillance spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, K-Electric).

Surveillance

Surveillance Spyware Software Advertising

Google removes 17 Joker -infected apps from the Play Store

Security Affairs

SEPTEMBER 27, 2020

Google removed this week 17 Android apps from its Play Store because they were infected with the Joker (aka Bread) malware, Zscaler revealed. Security researchers from Zscaler spotter 17 apps in the Play Store that were infected with the Joker (Bread) malware. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Spyware Encryption

A new sophisticated version of the AZORult Spyware appeared in the wild

Security Affairs

JULY 30, 2018

A new sophisticated version of the AZORult Spyware was spotted in the wild, it was involved in a large email campaign on July 18. Malware researchers at Proofpoint spotted a new version of the AZORult Spyware in the wild, it was involved in a large email campaign on July 18, just 24 hours it appeared in cybercrime forums on the Dark Web.

Spyware

Spyware Cryptocurrency Passwords Malware

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs

APRIL 28, 2020

The malware was an info stealer and according to the researchers, it was part of a long-term campaign, tracked as “PhantomLance” that has been active at least since December 2015. We informed Google of the malware, and it was removed from the market shortly after.” ” reads the analysis published by Kaspersky.

Malware

Malware Advertising Spyware Marketing

After SIMJacker, WIBattack hacking technique disclosed. Billions of users at risk

Security Affairs

SEPTEMBER 28, 2019

Researchers are warning of a new variant of recently disclosed SimJacker attack, dubbed WIBattack , that could expose millions of mobile phones to remote hacking. WIBattack is a new variant of the recently discovered Simjacker attack method that could expose millions of mobile phones to remote hacking. ” reported SRLLabs.

Hacking

Hacking Mobile Risk Advertising

Security Affairs newsletter Round 270

Security Affairs

JUNE 28, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DDOS

DDOS Spyware Advertising Healthcare

Operation Earth Kitsune: hackers target the Korean diaspora

Security Affairs

OCTOBER 30, 2020

Threat actors behind the Operation Earth Kitsune used SLUB (for SLack and githUB) malware and two new backdoors tracked as dneSpy and agfSpy to exfiltrate data from the infected systems and for taking over them. Experts discovered that the exploit was infecting the victim machine with three separate malware samples. Pierluigi Paganini.

Advertising

Advertising Spyware Malware Internet

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Ransomware , the headliner of the previous half-year, walked off stage: only 1 percent of emails analyzed by Group-IB’s Computer Emergency Response Team (CERT-GIB) contained this kind of malware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, ransomware).

Phishing

Phishing Ransomware Spyware Banking

Google Detects and Boots Tizi Spyware Off Google Play

Threatpost

NOVEMBER 28, 2017

Google discovered a spyware app that uses nearly a dozen old vulnerabilities to root devices and steal sensitive data from social media applications.

Spyware

Spyware Media Mobile Malware

Google revealed how watering hole attacks compromised iPhone devices earlier this year

Security Affairs

AUGUST 30, 2019

Google researchers discovered that iPhone devices could be hacked by tricking owners into visiting specially crafted websites. Researchers at Google Project Zero discovered that it was possible to hack iPhone devices by visiting specially crafted websites. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Hacking Advertising Encryption

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Spyware

Spyware Hacking Advertising Antivirus

Security Affairs newsletter Round 222 – News of the week

Security Affairs

JULY 13, 2019

Croatia government agencies targeted with news SilentTrinity malware. Experts uncovered a new Magecart campaign that hacked over 960 stores. Kaspersky report: Malware shared by USCYBERCOM first seen in December 2016. Severe vulnerabilities allow hacking older GE anesthesia machines. Pierluigi Paganini.

Data breaches

Data breaches Spyware Advertising Government

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Webinars

Trending Sources

Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

Webinars

XCSSET Mac spyware spreads via Xcode Projects

APT32 state hackers target human rights defenders with spyware

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

GravityRAT malware also targets Android and macOS

Experts found Joker Spyware in 24 apps in the Google Play store

Orcus RAT Author Charged in Malware Scheme

Mandrake, a high sophisticated Android spyware used in targeted attacks

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Earth Empusa targets minority group with Android ActionSpy spyware

New Shlayer Mac malware spreads via poisoned search engine results

Exodus, a government malware that infected innocent victims

Regin spyware involved in attack against the Russian tech giant Yandex

Joker malware still able to bypass Google Play Store checks

North Korea-Linked APT Group Kimsuky spotted using new malware

Second-ever UEFI rootkit used in North Korea-themed attacks

New Coronavirus-themed malspam campaign delivers FormBook Malware

Unknown FinSpy Mac and Linux versions found in Egypt

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

New Android BlackRock malware targets hundreds of apps

Joker malware apps bypassed Google’s Play Store security checks

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Google removed 1.7K+ Joker Malware infected apps from its Play Store

The Belgacom hack was the work of the UK GCHQ intelligence agency

Google updates policies to ban any ads for surveillance solutions and services

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

SimJacker attack allows hacking any phone with just an SMS

Spearphishing attacks hit the oil and gas industry sector

Security Affairs newsletter Round 269

German authorities raid the offices of the FinFisher surveillance firm

Google removes 17 Joker -infected apps from the Play Store

A new sophisticated version of the AZORult Spyware appeared in the wild

PhantomLance, a four-year-long cyberespionage spying campaign

After SIMJacker, WIBattack hacking technique disclosed. Billions of users at risk

Security Affairs newsletter Round 270

Operation Earth Kitsune: hackers target the Korean diaspora

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Google Detects and Boots Tizi Spyware Off Google Play

Google revealed how watering hole attacks compromised iPhone devices earlier this year

Security Affairs newsletter Round 261

Security Affairs newsletter Round 222 – News of the week

Stay Connected