Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware 106

Spyware Advertising Encryption Phishing 106

Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” The C&C URL 6. Pierluigi Paganini.

Spyware 111

Spyware Advertising Malware Cryptocurrency 111

Security Affairs

JUNE 17, 2022

Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country. According to Lookout, the Hermit spyware was likely developed by Italian surveillance vendor RCS Lab S.p.A SecurityAffairs – hacking, Hermit spyware).

Spyware 106

Spyware Surveillance Telecommunications Mobile 106

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware 111

Spyware Advertising Mobile Architecture 111

Security Affairs

NOVEMBER 16, 2019

The popular messaging platform WhatsApp made the headlines again, a new bug could be exploited by hackers to secretly install spyware. In May, Facebook patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware 111

Spyware Advertising Mobile Information Security 111

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups 98

Backups Spyware Malware Accountability 98

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.

Spyware 113

Spyware Malware Advertising Banking 113

Security Affairs

JULY 25, 2019

Researchers at Lookout discovered a new mobile spyware dubbed Monokle that was developed by a Russian defense contractor. Experts at Lookout discovered a new Android mobile spyware in the wild, dubbed Monokle, that was developed by a Russian defense contractor named Special Technology Centre Ltd. ( Pierluigi Paganini.

Spyware 106

Spyware Surveillance Mobile Advertising 106

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. The modules used by EvilGnome are reminiscent of the Windows tools used by the Gamaredon Group, other analogies include the use of SFX, persistence with task scheduler and the deployment of information stealers. Pierluigi Paganini.

Spyware 109

Spyware Malware Advertising Cyber Attacks 109

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. ” reads the Amnesty’s report. Pierluigi Paganini.

Spyware 144

Spyware Surveillance Advertising Mobile 144

Security Affairs

JULY 12, 2020

. “In August 2020, the Google Ads Enabling Dishonest Behavior policy will be updated to clarify restrictions on advertising for spyware and surveillance technology.”reads Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ”reads the post published by Google. Pierluigi Paganini.

Surveillance 141

Surveillance Spyware Advertising Marketing 141

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. The GravityRAT malware Access Trojan (RAT) is believed to be the work of Pakistani hacker groups, it is under development at least since 2015. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 138

Malware Computers and Electronics Spyware Advertising 138

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. ” Starting from March 1, 2020, the Police Authority, the Security Police, the Customs Administration and the Swedish Crime Agency will be granted extended powers with the proposal.

Spyware 75

Spyware Government Surveillance Encryption 75

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. In 2015, the hacker who breached the systems of the Italian surveillance firm Hacking Team leaked a 400GB package containing hacking tools and exploits codes.

Firmware 145

Firmware Spyware Surveillance Hacking 145

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. ” concludes the report that also includes indicators of compromise (IoCs).

Passwords 144

Passwords Spyware VPN Malware 144

Security Affairs

OCTOBER 14, 2020

In September, Amnesty International uncovered a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of the infamous FinSpy surveillance spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Surveillance 127

Surveillance Spyware Software Advertising 127

Security Affairs

APRIL 8, 2020

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” Who will win? Facebook or NSO Group?

Surveillance 136

Surveillance Spyware Government Advertising 136

Security Affairs

SEPTEMBER 18, 2020

Every third email, meanwhile, contained spyware , which is used by threat actors to steal payment data or other sensitive info to then put it on sale in the darknet or blackmail its owner. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, ransomware).

Phishing 136

Phishing Ransomware Spyware Banking 136

Security Affairs

MAY 20, 2019

Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. In July, Citizen Lab collected evidence of attacks against 175 targets worldwide carried on with the NSO spyware. Pierluigi Paganini.

Surveillance 106

Surveillance Spyware Software Government 106

Security Affairs

APRIL 9, 2020

Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Spyware: the most likely COVID-19 payload. Most COVID-19-related phishing emails analyzed had different spyware strains embedded as attachments. Source: CERT-GIB.

Phishing 142

Phishing Malware Spyware DDOS 142

Security Affairs

JUNE 21, 2021

. “But there was certainly concern over a possible hack-attack from hostile states – or even friendly ones such as Saudi Arabia, after Crown Prince Mohammed bin Salman was suspected of accessing Amazon boss Jeff Bezos’s phone by planting spyware via a WhatsApp message.” ” reported the Mirror.

Risk 145

Risk Mobile Spyware Hacking 145

Security Affairs

APRIL 22, 2024

The list also includes criminals, suspected terrorists, intelligence operatives and a European spyware firm. Compromised data vary by individuals and organizations, it includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers, and more.

Risk 139

Risk Spyware Hacking Accountability 139

Security Affairs

APRIL 28, 2020

The malware was an info stealer and according to the researchers, it was part of a long-term campaign, tracked as “PhantomLance” that has been active at least since December 2015. The PhantomLance malware implements classic spyware functionalities, it could exfiltrate user data, phone call logs, SMS messages, contacts, and GPS data.

Malware 141

Malware Advertising Spyware Hacking 141

Security Affairs

JUNE 28, 2020

Every week the best security articles from Security Affairs free for you in your email box. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Every week the best security articles from Security Affairs free for you in your email box. Pierluigi Paganini.

DDOS 119

DDOS Spyware Advertising Healthcare 119

Security Affairs

AUGUST 30, 2019

Threat actors used at least five unique iPhone exploit chains that allowed them to remotely jailbreak a device and deliver spyware. The spyware implant was also able to steal the database files from popular end-to-end encryption apps like Whatsapp, Telegram, and iMessage. Pierluigi Paganini. SecurityAffairs – iPhone, hacking).

Spyware 111

Spyware Hacking Advertising Encryption 111

Security Affairs

NOVEMBER 2, 2020

Researchers at Cybereason’s Nocturnus team published a new report that includes details on two new pieces of malware associated with the North-Korea linked APT, modular spyware called KGH_SPY and a downloader called CSPY Downloader. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware 134

Malware Spyware Advertising Government 134

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – newsletter, hacking).

Hacking 122

Hacking Spyware Advertising Antivirus 122

Security Affairs

AUGUST 23, 2019

Asruex first appeared in the threat landscape 2015, researchers linked it to the spyware used by the DarkHotel APT group. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the report published by Trend Micro. . Pierluigi Paganini. SecurityAffairs – Asruex Trojan, malware).

Malware 110

Malware Spyware Advertising Encryption 110

Security Affairs

JUNE 21, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. authorities sanction six Nigerian nationals for BEC and Romance Fraud. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

DDOS 104

DDOS Spyware Advertising Hacking 104

Security Affairs

JULY 16, 2020

. “With the changes that we expect to be made to mobile banking Trojans, the line between banking malware and spyware becomes thinner, banking malware will pose a threat for more organizations and their infrastructure, an organic change that we observed on windows banking malware years ago.”

Malware 129

Malware Banking Mobile Spyware 129

Security Affairs

SEPTEMBER 27, 2020

The spyware is able to steal SMS messages, contact lists and device information along with to sign victims up for premium service subscriptions. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Always watch out for the risky permissions related to SMS, call logs, contacts, and more.

Malware 145

Malware Advertising Spyware Encryption 145

Security Affairs

OCTOBER 30, 2019

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Today @WhatsApp is taking a stand against the dangerous use of spyware. This abuse must be stopped. Pierluigi Paganini.

Surveillance 75

Surveillance Technology Spyware Mobile 75

Security Affairs

MARCH 8, 2020

The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017. FormBook data-stealing malware was used with cyber espionage purposes, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents.

Malware 145

Malware Scams Social Engineering Phishing 145

Security Affairs

DECEMBER 30, 2019

Security experts have detected and analyzed some of the tools in its arsenals, such as the popular Pegasus spyware (for iOS) and Chrysaor (for Android). In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. Pierluigi Paganini.

Cybercrime 94

Cybercrime Surveillance Spyware Government 94

Security Affairs

MAY 24, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches 101

Data breaches Spyware Advertising Hacking 101

Security Affairs

JULY 10, 2020

The JS script would also act as a dropper for additional payloads, including a C# spyware, Golden Chickens components, and Python-based applications. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Threat actors used a dedicated C2 server for each component that is installed via manual commands.

eCommerce 134

eCommerce Malware Advertising Spyware 134

Security Affairs

SEPTEMBER 28, 2019

Following the disclosure of the Simjacker attack, the researcher Lakatos from Ginno Security Lab discovered that another dynamic SIM toolkit, called Wireless Internet Browser (WIB), can be exploited in a similar way. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reported SRLLabs.

Hacking 111

Hacking Risk Mobile Advertising 111