2014, Information Security and Spyware - Cyber Security Informer

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Security Affairs

FEBRUARY 6, 2024

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. Out of the 72 known in-the-wild 0-day exploits targeting Google products since mid-2014, 35 of them were used by CSVs. Google hopes this report will serve as a call to action.

Spyware

Spyware Surveillance Government Software

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware

Spyware Surveillance Mobile Malware

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Mobile Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. Pierluigi Paganini.

Spyware

Spyware Surveillance Government Phishing

Facebook vs NSO Group lawsuit: 1,400+ users were targeted with Pegasus spyware

Security Affairs

APRIL 25, 2020

Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. Now both companies are providing technical details requested by the cyber-security experts. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Advertising Mobile

XCSSET Mac spyware spreads via Xcode Projects

Security Affairs

AUGUST 15, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post XCSSET Mac spyware spreads via Xcode Projects appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, XCSSET).

Spyware

Spyware Malware Advertising Cryptocurrency

WhatsApp zero-day exploited in targeted attacks to deliver NSO spyware

Security Affairs

MAY 14, 2019

Facebook fixed a critical zero-day flaw in WhatsApp that has been exploited to remotely install spyware on phones by calling the targeted device. Facebook has recently patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware

Spyware Surveillance Mobile Software

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware

Spyware Advertising Encryption Phishing

WhatsApp flaw CVE-2019-11931 could be exploited to install spyware

Security Affairs

NOVEMBER 16, 2019

The popular messaging platform WhatsApp made the headlines again, a new bug could be exploited by hackers to secretly install spyware. In May, Facebook patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware

Spyware Advertising Mobile Information Security

Experts found Joker Spyware in 24 apps in the Google Play store

Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” The C&C URL 6. Pierluigi Paganini.

Spyware

Spyware Advertising Malware Cryptocurrency

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware

Spyware Mobile Advertising Architecture

Mandrake, a high sophisticated Android spyware used in targeted attacks

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Banking

ViceLeaker Android spyware targets users in the Middle East

Security Affairs

JULY 1, 2019

Experts at Kaspersky have uncovered a spyware campaign dubbed ViceLeaker that spreads in the Middle East to spy on Android users. . Kaspersky spotted a spyware campaign, tracked as ViceLeaker, that spreads in the Middle East to steal device and communications data from Android users. . Pierluigi Paganini.

Spyware

Spyware Mobile Advertising Malware

Regin spyware involved in attack against the Russian tech giant Yandex

Security Affairs

JUNE 28, 2019

Many experts linked the Regin malware to the Five Eyes alliance , they found alleged references to the super spyware in a number of presentations leaked by Edward Snowden and according to malware researchers, it has been used in targeted attacks against government agencies in the EU and the Belgian telecoms company Belgacom.

Spyware

Spyware Malware Advertising Authentication

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Security Affairs

JULY 25, 2019

Researchers at Lookout discovered a new mobile spyware dubbed Monokle that was developed by a Russian defense contractor. Experts at Lookout discovered a new Android mobile spyware in the wild, dubbed Monokle, that was developed by a Russian defense contractor named Special Technology Centre Ltd. ( Pierluigi Paganini.

Spyware

Spyware Surveillance Mobile Advertising

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The modules used by EvilGnome are reminiscent of the Windows tools used by the Gamaredon Group, other analogies include the use of SFX, persistence with task scheduler and the deployment of information stealers. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Cyber Attacks

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Mobile Advertising

Swedish Government grants police the use of spyware against violent crime suspects

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. ” Starting from March 1, 2020, the Police Authority, the Security Police, the Customs Administration and the Swedish Crime Agency will be granted extended powers with the proposal.

Spyware

Spyware Government Surveillance Encryption

Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

Security Affairs

APRIL 22, 2024

The list also includes criminals, suspected terrorists, intelligence operatives and a European spyware firm. Compromised data vary by individuals and organizations, it includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers, and more.

Risk

Risk Spyware Hacking Accountability

Google updates policies to ban any ads for surveillance solutions and services

Security Affairs

JULY 12, 2020

. “In August 2020, the Google Ads Enabling Dishonest Behavior policy will be updated to clarify restrictions on advertising for spyware and surveillance technology.”reads Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Surveillance

Surveillance Spyware Advertising Marketing

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Spyware VPN Malware

German authorities raid the offices of the FinFisher surveillance firm

Security Affairs

OCTOBER 14, 2020

In September, Amnesty International uncovered a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of the infamous FinSpy surveillance spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Surveillance

Surveillance Spyware Software Advertising

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. “With this in mind, we see that UEFI continues to be a point of interest to APT actors, while at large being overlooked by security vendors.”

Firmware

Firmware Spyware Surveillance Hacking

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Computers and Electronics Spyware Advertising

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Every third email, meanwhile, contained spyware , which is used by threat actors to steal payment data or other sensitive info to then put it on sale in the darknet or blackmail its owner. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, ransomware).

Phishing

Phishing Ransomware Spyware Banking

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” Who will win? Facebook or NSO Group?

Surveillance

Surveillance Spyware Advertising Government

Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Security Affairs

MAY 20, 2019

Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. In July, Citizen Lab collected evidence of attacks against 175 targets worldwide carried on with the NSO spyware. Pierluigi Paganini.

Surveillance

Surveillance Spyware Software Government

Security Affairs newsletter Round 269

Security Affairs

JUNE 21, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Security Affairs newsletter Round 269 appeared first on Security Affairs. authorities sanction six Nigerian nationals for BEC and Romance Fraud.

DDOS

DDOS Spyware Mobile Advertising

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Security Affairs

OCTOBER 30, 2019

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Today @WhatsApp is taking a stand against the dangerous use of spyware. This abuse must be stopped. Pierluigi Paganini.

Surveillance

Surveillance Technology Spyware Mobile

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Spyware: the most likely COVID-19 payload. Most COVID-19-related phishing emails analyzed had different spyware strains embedded as attachments. Source: CERT-GIB.

Phishing

Phishing Malware Spyware DDOS

Security Affairs newsletter Round 270

Security Affairs

JUNE 28, 2020

Every week the best security articles from Security Affairs free for you in your email box. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS Spyware Advertising Healthcare

Google revealed how watering hole attacks compromised iPhone devices earlier this year

Security Affairs

AUGUST 30, 2019

Threat actors used at least five unique iPhone exploit chains that allowed them to remotely jailbreak a device and deliver spyware. The spyware implant was also able to steal the database files from popular end-to-end encryption apps like Whatsapp, Telegram, and iMessage. Pierluigi Paganini. SecurityAffairs – iPhone, hacking).

Spyware

Spyware Hacking Advertising Encryption

Google removes 17 Joker -infected apps from the Play Store

Security Affairs

SEPTEMBER 27, 2020

The spyware is able to steal SMS messages, contact lists and device information along with to sign victims up for premium service subscriptions. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Advertising Spyware Encryption

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – newsletter, hacking).

Spyware

Spyware Hacking Advertising Antivirus

North Korea-Linked APT Group Kimsuky spotted using new malware

Security Affairs

NOVEMBER 2, 2020

Researchers at Cybereason’s Nocturnus team published a new report that includes details on two new pieces of malware associated with the North-Korea linked APT, modular spyware called KGH_SPY and a downloader called CSPY Downloader. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Spyware Advertising Government

Security Affairs newsletter Round 277

Security Affairs

AUGUST 16, 2020

gun exchange site on hacking forum Threat Report Portugal: Q2 2020 Emotet malware employed in fresh COVID19-themed spam campaign PoC exploit code for two Apache Struts 2 flaws available online XCSSET Mac spyware spreads via Xcode Projects. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Spyware

Spyware Hacking Advertising Passwords

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs

APRIL 28, 2020

The PhantomLance malware implements classic spyware functionalities, it could exfiltrate user data, phone call logs, SMS messages, contacts, and GPS data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Pierluigi Paganini.

Malware

Malware Advertising Spyware Marketing

Security Affairs newsletter Round 265

Security Affairs

MAY 24, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches

Data breaches Spyware Advertising Manufacturing

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Security Affairs

DECEMBER 30, 2019

Security experts have detected and analyzed some of the tools in its arsenals, such as the popular Pegasus spyware (for iOS) and Chrysaor (for Android). In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. Pierluigi Paganini.

Cybercrime

Cybercrime Surveillance Spyware Government

New Android BlackRock malware targets hundreds of apps

Security Affairs

JULY 16, 2020

. “With the changes that we expect to be made to mobile banking Trojans, the line between banking malware and spyware becomes thinner, banking malware will pose a threat for more organizations and their infrastructure, an organic change that we observed on windows banking malware years ago.”

Malware

Malware Banking Mobile Spyware

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017. FormBook data-stealing malware was used with cyber espionage purposes, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents.

Malware

Malware Scams Social Engineering Phishing

Security Affairs newsletter Round 222 – News of the week

Security Affairs

JULY 13, 2019

UK ICO proposes a $123 million fine for Marriott 2014 data breach. New FinFisher spyware used to spy on iOS and Android users in 20 countries. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches

Data breaches Spyware Advertising Government

Evilnum Group targets European and British fintech companies

Security Affairs

JULY 10, 2020

The JS script would also act as a dropper for additional payloads, including a C# spyware, Golden Chickens components, and Python-based applications. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

eCommerce

eCommerce Advertising Malware Spyware

SimJacker attack allows hacking any phone with just an SMS

Security Affairs

SEPTEMBER 12, 2019

“The main Simjacker attack involves an SMS containing a specific type of spyware-like code being sent to a mobile phone, which then instructs the SIM Card within the phone to ‘take over’ the mobile phone to retrieve and perform sensitive commands.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Mobile Spyware Manufacturing

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Webinars

Trending Sources

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Webinars

APT32 state hackers target human rights defenders with spyware

Facebook vs NSO Group lawsuit: 1,400+ users were targeted with Pegasus spyware

XCSSET Mac spyware spreads via Xcode Projects

WhatsApp zero-day exploited in targeted attacks to deliver NSO spyware

Earth Empusa targets minority group with Android ActionSpy spyware

WhatsApp flaw CVE-2019-11931 could be exploited to install spyware

Experts found Joker Spyware in 24 apps in the Google Play store

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Mandrake, a high sophisticated Android spyware used in targeted attacks

ViceLeaker Android spyware targets users in the Middle East

Regin spyware involved in attack against the Russian tech giant Yandex

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Unknown FinSpy Mac and Linux versions found in Egypt

Swedish Government grants police the use of spyware against violent crime suspects

Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

Google updates policies to ban any ads for surveillance solutions and services

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

German authorities raid the offices of the FinFisher surveillance firm

Second-ever UEFI rootkit used in North Korea-themed attacks

GravityRAT malware also targets Android and macOS

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Security Affairs newsletter Round 269

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs newsletter Round 270

Google revealed how watering hole attacks compromised iPhone devices earlier this year

Google removes 17 Joker -infected apps from the Play Store

Security Affairs newsletter Round 261

North Korea-Linked APT Group Kimsuky spotted using new malware

Security Affairs newsletter Round 277

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs newsletter Round 265

UN approves Russia-Cina sponsored resolution on new cybercrime convention

New Android BlackRock malware targets hundreds of apps

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs newsletter Round 222 – News of the week

Evilnum Group targets European and British fintech companies

SimJacker attack allows hacking any phone with just an SMS

Stay Connected