2014 and Spyware - Cyber Security Informer

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Security Affairs

FEBRUARY 6, 2024

Google’s TAG revealed that Commercial spyware vendors (CSV) were behind most of the zero-day vulnerabilities discovered in 2023. Out of the 72 known in-the-wild 0-day exploits targeting Google products since mid-2014, 35 of them were used by CSVs. Google hopes this report will serve as a call to action.

Spyware

Spyware Surveillance Government Software

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware

Spyware Surveillance Mobile Malware

Agent Tesla Spyware Used in Phishing Campaign

Heimadal Security

DECEMBER 14, 2021

Agent Tesla initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger). The post Agent Tesla Spyware Used in Phishing Campaign appeared first on Heimdal Security Blog.

Spyware

Spyware Phishing Internet Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Mobile Advertising

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. Since at least 2014, experts at FireEye have observed APT32 targeting foreign corporations with an interest in Vietnam’s manufacturing, consumer products, and hospitality sectors. Pierluigi Paganini.

Spyware

Spyware Surveillance Government Phishing

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

SEPTEMBER 4, 2018

The latest mSpy security lapse comes days after a hacker reportedly broke into the servers of TheTruthSpy — another mobile spyware-as-a-service company — and stole logins, audio recordings, pictures and text messages from mobile devices running the software. In September 2014, U.S. In September 2014, U.S.

Spyware

Spyware Mobile Advertising Software

XCSSET Mac spyware spreads via Xcode Projects

Security Affairs

AUGUST 15, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post XCSSET Mac spyware spreads via Xcode Projects appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, XCSSET).

Spyware

Spyware Malware Advertising Cryptocurrency

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware

Spyware Advertising Encryption Phishing

WhatsApp flaw CVE-2019-11931 could be exploited to install spyware

Security Affairs

NOVEMBER 16, 2019

The popular messaging platform WhatsApp made the headlines again, a new bug could be exploited by hackers to secretly install spyware. In May, Facebook patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware

Spyware Advertising Mobile Information Security

Experts found Joker Spyware in 24 apps in the Google Play store

Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” The C&C URL 6. Pierluigi Paganini.

Spyware

Spyware Advertising Malware Cryptocurrency

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware

Spyware Mobile Advertising Architecture

Mandrake, a high sophisticated Android spyware used in targeted attacks

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Banking

Regin spyware involved in attack against the Russian tech giant Yandex

Security Affairs

JUNE 28, 2019

Many experts linked the Regin malware to the Five Eyes alliance , they found alleged references to the super spyware in a number of presentations leaked by Edward Snowden and according to malware researchers, it has been used in targeted attacks against government agencies in the EU and the Belgian telecoms company Belgacom.

Spyware

Spyware Malware Advertising Authentication

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Security Affairs

JULY 25, 2019

Researchers at Lookout discovered a new mobile spyware dubbed Monokle that was developed by a Russian defense contractor. Experts at Lookout discovered a new Android mobile spyware in the wild, dubbed Monokle, that was developed by a Russian defense contractor named Special Technology Centre Ltd. ( Pierluigi Paganini.

Spyware

Spyware Surveillance Mobile Advertising

App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice

Security Affairs

AUGUST 22, 2019

The popular malware researcher Lukas Stefanko from ESET discovered that a malicious spyware, built on the AhMyth open-source espionage tool, was uploaded on Google Play twice over two weeks, bypassing Google security checks. “ ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” wrote Stafanko.

Spyware

Spyware Advertising Malware Mobile

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the analysis published by Intezer. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Cyber Attacks

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Mobile Advertising

Parental control spyware app Family Orbit hacked, pictures of hundreds of monitored children were exposed

Security Affairs

SEPTEMBER 4, 2018

The company that sells the parental control spyware app Family Orbit has been hacked, pictures of hundreds of monitored children were left online. The company that sells the parental control spyware app Family Orbit has been hacked, the pictures of hundreds of monitored children were left online only protected by a password.

Spyware

Spyware Hacking Data breaches Passwords

Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

Security Affairs

DECEMBER 21, 2023

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function.

Malware

Malware Phishing Spyware Cyber threats

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The report also includes the IoCs for this last campaign.

Spyware

Spyware Adware Malware Accountability

Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

Security Affairs

APRIL 22, 2024

The list also includes criminals, suspected terrorists, intelligence operatives and a European spyware firm. In June 2016, security researcher Chris Vickery found a copy of the World-Check database dated 2014 that was accidentally exposed online.

Risk

Risk Spyware Hacking Accountability

Google updates policies to ban any ads for surveillance solutions and services

Security Affairs

JULY 12, 2020

. “In August 2020, the Google Ads Enabling Dishonest Behavior policy will be updated to clarify restrictions on advertising for spyware and surveillance technology.”reads Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Surveillance

Surveillance Spyware Advertising Marketing

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Passwords

Passwords Spyware VPN Malware

Google Detects and Boots Tizi Spyware Off Google Play

Threatpost

NOVEMBER 28, 2017

Google discovered a spyware app that uses nearly a dozen old vulnerabilities to root devices and steal sensitive data from social media applications.

Spyware

Spyware Media Mobile Malware

German authorities raid the offices of the FinFisher surveillance firm

Security Affairs

OCTOBER 14, 2020

In September, Amnesty International uncovered a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of the infamous FinSpy surveillance spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Surveillance

Surveillance Spyware Software Advertising

A new sophisticated version of the AZORult Spyware appeared in the wild

Security Affairs

JULY 30, 2018

A new sophisticated version of the AZORult Spyware was spotted in the wild, it was involved in a large email campaign on July 18. Malware researchers at Proofpoint spotted a new version of the AZORult Spyware in the wild, it was involved in a large email campaign on July 18, just 24 hours it appeared in cybercrime forums on the Dark Web.

Spyware

Spyware Cryptocurrency Passwords Malware

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Spyware Surveillance Hacking

Exodus, a government malware that infected innocent victims

Security Affairs

MARCH 30, 2019

Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. The researchers argue that the surveillance operation might have targeted also innocent victims because the spyware was poorly developed, a circumstance that is confirmed makes the software illegal.

Government

Government Malware Spyware Surveillance

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Computers and Electronics Spyware Advertising

Spearphishing attacks hit the oil and gas industry sector

Security Affairs

APRIL 21, 2020

Agent Tesla is a.Net-based info-stealing malware that was first spotted in 2014, it is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. ” continues the analysis.

Spyware

Spyware Manufacturing Malware Engineering

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” Who will win? Facebook or NSO Group?

Surveillance

Surveillance Spyware Advertising Government

Joker malware still able to bypass Google Play Store checks

Security Affairs

FEBRUARY 22, 2020

The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were infected with a new spyware tracked as “ the Joker. ”. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Spyware Advertising Mobile

Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder

Security Affairs

NOVEMBER 9, 2018

In July, Citizen Lab collected evidence of attacks against 175 targets worldwide carried on with the NSO spyware. YEAR(S) IN WHICH SPYWARE INFECTION WAS ATTEMPTED. In August, an Amnesty International report confirmed that its experts identified a second human rights activist, in Saudi Arabia, who was targeted with the powerful spyware.

Surveillance

Surveillance Spyware Software Advertising

Google removed 1.7K+ Joker Malware infected apps from its Play Store

Security Affairs

JANUARY 12, 2020

The spyware is able to steal SMS messages, contact lists and device information along with to sign victims up for premium service subscriptions. The Joker spyware checks for SIM cards associated with one of the above countries. This approach allows the Joker spyware to make it hard static analysis. Pierluigi Paganini.

Malware

Malware Spyware Advertising Mobile

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Every third email, meanwhile, contained spyware , which is used by threat actors to steal payment data or other sensitive info to then put it on sale in the darknet or blackmail its owner. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, ransomware).

Phishing

Phishing Ransomware Spyware Banking

Security Affairs newsletter Round 269

Security Affairs

JUNE 21, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. authorities sanction six Nigerian nationals for BEC and Romance Fraud. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

DDOS

DDOS Spyware Mobile Advertising

Security Affairs newsletter Round 270

Security Affairs

JUNE 28, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DDOS

DDOS Spyware Advertising Healthcare

Experts spotted the iOS version of the Exodus surveillance app

Security Affairs

APRIL 9, 2019

In the last weeks, a new Android surveillance malware dubbed Exodus made the headlines, now expert found the iOS version of the government spyware. The iOS version of Exodus is less sophisticated than the Android one, but it is still perfect spyware with the ability to exfiltrate a broad range of information from iPhone devices (i.e.

Surveillance

Surveillance Spyware Phishing Malware

Google revealed how watering hole attacks compromised iPhone devices earlier this year

Security Affairs

AUGUST 30, 2019

Threat actors used at least five unique iPhone exploit chains that allowed them to remotely jailbreak a device and deliver spyware. The spyware implant was also able to steal the database files from popular end-to-end encryption apps like Whatsapp, Telegram, and iMessage. Pierluigi Paganini. SecurityAffairs – iPhone, hacking).

Spyware

Spyware Hacking Advertising Encryption

Joker malware apps bypassed Google’s Play Store security checks

Security Affairs

JULY 9, 2020

“Check Point’s researchers recently discovered a new variant of the Joker Dropper and Premium Dialer spyware in Google Play. The spyware is able to steal SMS messages, contact lists, and device information and to sign victims up for premium service subscriptions. . ” reads the analysis published by CheckPoint.

Malware

Malware Spyware Mobile Advertising

New Shlayer Mac malware spreads via poisoned search engine results

Security Affairs

JUNE 21, 2020

“This newly re-engineered malware purports to be a legitimate Flash Player installer, but it has the capability to surreptitiously download and install additional unwanted packages containing adware or spyware,” continues the analysis. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. up to 10.14.3.

Engineering

Engineering Malware Adware Antivirus

Operation Earth Kitsune: hackers target the Korean diaspora

Security Affairs

OCTOBER 30, 2020

Attackers have deployed the spyware on websites associated with North Korea, but experts pointed out that access to these sites is blocked for visitors from South Korean IP addresses. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the analysis published by Trend Micro.

Advertising

Advertising Spyware Malware Internet

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – newsletter, hacking).

Spyware

Spyware Hacking Advertising Antivirus

North Korea-Linked APT Group Kimsuky spotted using new malware

Security Affairs

NOVEMBER 2, 2020

Researchers at Cybereason’s Nocturnus team published a new report that includes details on two new pieces of malware associated with the North-Korea linked APT, modular spyware called KGH_SPY and a downloader called CSPY Downloader. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Spyware Advertising Government

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Webinars

Trending Sources

Agent Tesla Spyware Used in Phishing Campaign

Webinars

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

APT32 state hackers target human rights defenders with spyware

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

XCSSET Mac spyware spreads via Xcode Projects

Earth Empusa targets minority group with Android ActionSpy spyware

WhatsApp flaw CVE-2019-11931 could be exploited to install spyware

Experts found Joker Spyware in 24 apps in the Google Play store

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Mandrake, a high sophisticated Android spyware used in targeted attacks

Regin spyware involved in attack against the Russian tech giant Yandex

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Unknown FinSpy Mac and Linux versions found in Egypt

Parental control spyware app Family Orbit hacked, pictures of hundreds of monitored children were exposed

Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

Google updates policies to ban any ads for surveillance solutions and services

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Google Detects and Boots Tizi Spyware Off Google Play

German authorities raid the offices of the FinFisher surveillance firm

A new sophisticated version of the AZORult Spyware appeared in the wild

Second-ever UEFI rootkit used in North Korea-themed attacks

Exodus, a government malware that infected innocent victims

GravityRAT malware also targets Android and macOS

Spearphishing attacks hit the oil and gas industry sector

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Joker malware still able to bypass Google Play Store checks

Snowden speaks about the role of surveillance firm NSO Group in Khashoggi murder

Google removed 1.7K+ Joker Malware infected apps from its Play Store

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs newsletter Round 269

Security Affairs newsletter Round 270

Experts spotted the iOS version of the Exodus surveillance app

Google revealed how watering hole attacks compromised iPhone devices earlier this year

Joker malware apps bypassed Google’s Play Store security checks

New Shlayer Mac malware spreads via poisoned search engine results

Operation Earth Kitsune: hackers target the Korean diaspora

Security Affairs newsletter Round 261

North Korea-Linked APT Group Kimsuky spotted using new malware

Stay Connected