2015 and Spyware - Cyber Security Informer

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

SEPTEMBER 4, 2018

In May 2015, KrebsOnSecurity broke the news that mSpy had been hacked and its customer data posted to the Dark Web. mSpy pledged to redouble its security efforts in the wake of the 2015 breach. mSpy pledged to redouble its security efforts in the wake of the 2015 breach. In September 2014, U.S. In September 2014, U.S.

Spyware

Spyware Mobile Advertising Software

Malware in Google Apps

Schneier on Security

MAY 5, 2020

That's when Russian security firm Dr. Web found a sample of spyware in Google's app store that impersonated a downloader of graphic design software but in fact had the capability to steal contacts, call logs, and text messages from Android phones. What's important is the ability to download new malicious payloads," he says. "It

Malware

Malware Spyware Phishing Government

Sextortion campaign uses Goontact spyware to target Android and iOS users

Security Affairs

DECEMBER 16, 2020

Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. Goontact implement common spyware features, including the ability to gather data from the infected devices and gather system info. The spyware is likely used as part of a sextortion campaign.

Spyware

Spyware Mobile Surveillance Malware

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. reads the analysis published by Amnesty International in October. Pierluigi Paganini.

Spyware

Spyware Surveillance Mobile Advertising

Skygofree: New Government Malware for Android

Schneier on Security

JANUARY 22, 2018

These domains have been registered by the attackers since 2015. Moreover, as we dived deeper into the investigation, we discovered several spyware tools for Windows that form an implant for exfiltrating sensitive data on a targeted machine. According to our telemetry, that was the year the distribution campaign was at its most active.

Malware

Malware Government Spyware Hacking

Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs

The Hacker News

SEPTEMBER 23, 2022

A new wave of a mobile surveillance campaign has been observed targeting the Uyghur community as part of a long-standing spyware operation active since at least 2015, cybersecurity researchers disclosed Thursday.

Spyware

Spyware Mobile Surveillance Malware

Facebook vs NSO Group lawsuit: 1,400+ users were targeted with Pegasus spyware

Security Affairs

APRIL 25, 2020

Facebook advocates have challenged a plea from spyware maker NSO Group to dismiss the legal dispute over the hacking accusations, arguing it has immunity from prosecution. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Advertising Mobile

XCSSET Mac spyware spreads via Xcode Projects

Security Affairs

AUGUST 15, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post XCSSET Mac spyware spreads via Xcode Projects appeared first on Security Affairs. Technical details about the threat, including Indicators of Compromise, are included in the report published by the experts. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Cryptocurrency

Regin spyware involved in attack against the Russian tech giant Yandex

Security Affairs

JUNE 28, 2019

In August 2015, Symantec revealed the existence of 49 new modules of the Regin espionage platform, a circumstance that suggests that its operators are still active. In 2015, the Der Spiegel, citing cyber security experts, confirmed there “is no doubt” that Regin can be linked to the Five Eyes alliance. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Authentication

WhatsApp zero-day exploited in targeted attacks to deliver NSO spyware

Security Affairs

MAY 14, 2019

Facebook fixed a critical zero-day flaw in WhatsApp that has been exploited to remotely install spyware on phones by calling the targeted device. Facebook has recently patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware

Spyware Surveillance Mobile Advertising

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware

Spyware Advertising Encryption Phishing

Experts found Joker Spyware in 24 apps in the Google Play store

Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” The C&C URL 6. Pierluigi Paganini.

Spyware

Spyware Advertising Malware Cryptocurrency

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country. According to Lookout, the Hermit spyware was likely developed by Italian surveillance vendor RCS Lab S.p.A SecurityAffairs – hacking, Hermit spyware).

Spyware

Spyware Surveillance Telecommunications Mobile

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

JULY 11, 2019

Malware researchers from Kaspersky have discovered new and improved versions of the infamous FinFisher spyware used to infect both Android and iOS devices. Experts at Kaspersky have discovered a new improved variant of the FinFisher spyware used to spy on both iOS and Android users in 20 countries. Pierluigi Paganini.

Spyware

Spyware Advertising Mobile Architecture

WhatsApp flaw CVE-2019-11931 could be exploited to install spyware

Security Affairs

NOVEMBER 16, 2019

The popular messaging platform WhatsApp made the headlines again, a new bug could be exploited by hackers to secretly install spyware. In May, Facebook patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware

Spyware Advertising Mobile Information Security

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Security Affairs

APRIL 16, 2025

It is not a first time that smartphones come with pre-installed malware, earlier 2015, the security firm Bluebox discovered a preinstalled malware , many malicious apps, and a series of security holes on the Xiaomi Mi 4 smartphone.

Malware

Malware Manufacturing Mobile Spyware

Updated Android spyware GravityRAT steals WhatsApp Backups

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups

Backups Spyware Malware Accountability

Mandrake, a high sophisticated Android spyware used in targeted attacks

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Banking

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Security Affairs

JULY 25, 2019

Researchers at Lookout discovered a new mobile spyware dubbed Monokle that was developed by a Russian defense contractor. Experts at Lookout discovered a new Android mobile spyware in the wild, dubbed Monokle, that was developed by a Russian defense contractor named Special Technology Centre Ltd. ( Pierluigi Paganini.

Spyware

Spyware Surveillance Mobile Advertising

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Experts spotted a rare Linux Desktop spyware dubbed EvilGnome appeared first on Security Affairs. ” reads the analysis published by Intezer.

Spyware

Spyware Malware Advertising Cyber Attacks

App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice

Security Affairs

AUGUST 22, 2019

The popular malware researcher Lukas Stefanko from ESET discovered that a malicious spyware, built on the AhMyth open-source espionage tool, was uploaded on Google Play twice over two weeks, bypassing Google security checks. “ ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” wrote Stafanko.

Spyware

Spyware Advertising Malware Mobile

Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware

Security Affairs

OCTOBER 10, 2019

NSO Group ‘s surveillance spyware made the headlines again, this time the malware was used to spy on 2 rights activists in Morocco according Amnesty International. Amnesty International collected evidence of new abuses of the NSO Group ‘s surveillance spyware, this time the malware was used to spy two rights activists in Morocco.

Spyware

Spyware Surveillance Advertising Malware

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. ” reads the Amnesty’s report. Pierluigi Paganini.

Spyware

Spyware Surveillance Advertising Mobile

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The report also includes the IoCs for this last campaign.

Spyware

Spyware Adware Malware Accountability

Parental control spyware app Family Orbit hacked, pictures of hundreds of monitored children were exposed

Security Affairs

SEPTEMBER 4, 2018

The company that sells the parental control spyware app Family Orbit has been hacked, pictures of hundreds of monitored children were left online. The company that sells the parental control spyware app Family Orbit has been hacked, the pictures of hundreds of monitored children were left online only protected by a password.

Spyware

Spyware Hacking Data breaches Passwords

Google updates policies to ban any ads for surveillance solutions and services

Security Affairs

JULY 12, 2020

. “In August 2020, the Google Ads Enabling Dishonest Behavior policy will be updated to clarify restrictions on advertising for spyware and surveillance technology.”reads Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ”reads the post published by Google. Pierluigi Paganini.

Surveillance

Surveillance Spyware Advertising Marketing

Bitdefender spotted Triout, a new powerful Android Spyware Framework

Security Affairs

AUGUST 23, 2018

Security researchers from Bitdefender have spotted a new Android spyware framework dubbed Triout that could be used to create malware with extensive surveillance capabilities. The Triout spyware was discovered analyzing a tainted application that maintained all the original features. Pierluigi Paganini.

Spyware

Spyware Surveillance Advertising Malware

Swedish Government grants police the use of spyware against violent crime suspects

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. Criminal organizations leverage encrypted messaging services for their communications, for this reason the Government decided to authorize the use of surveillance spyware against suspects of violent crimes.

Spyware

Spyware Government Surveillance Encryption

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. The GravityRAT malware Access Trojan (RAT) is believed to be the work of Pakistani hacker groups, it is under development at least since 2015. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Computers and Electronics Spyware Advertising

A New Spyware is Targeting Telegram and Psiphon VPN Users in Iran

The Hacker News

JUNE 17, 2021

Threat actors with suspected ties to Iran have been found to leverage instant messaging and VPN apps like Telegram and Psiphon to install a Windows remote access trojan (RAT) capable of stealing sensitive information from targets' devices since at least 2015.

VPN

VPN Spyware Cybersecurity

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. In 2015, the hacker who breached the systems of the Italian surveillance firm Hacking Team leaked a 400GB package containing hacking tools and exploits codes.

Firmware

Firmware Spyware Surveillance Hacking

BusyGasper spyware remained undetected for two years while spying Russians

Security Affairs

AUGUST 30, 2018

The BusyGasper Android spyware has been active since May 2016, it implements unusual features for this type of malware. We found no similarities to commercial spyware products or to other known spyware variants, which suggests BusyGasper is self-developed and used by a single threat actor.” ” continues Kaspersky.

Spyware

Spyware Malware Advertising Banking

Courts Hand Down Hard Jail Time for DDoS

Krebs on Security

JANUARY 14, 2019

According to court testimony, Kaye was hired in 2015 to attack Lonestar , Liberia’s top mobile phone and Internet provider. Kaye pocketed $10,000 for the attack, which was alleged to have been paid for by an individual working for Cellcom , Lonestar’s competitor in the region. to face charges there.

DDOS

DDOS Internet Internet Spyware

Exodus, a government malware that infected innocent victims

Security Affairs

MARCH 30, 2019

Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. The researchers argue that the surveillance operation might have targeted also innocent victims because the spyware was poorly developed, a circumstance that is confirmed makes the software illegal.

Government

Government Malware Spyware Surveillance

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Security Affairs

AUGUST 12, 2020

Agent Tesla is a spyware that is used to spy on the victims by collecting keystrokes, system clipboard, screenshots, and credentials from the infected system. To do this, the spyware creates different threads and timer functions in the main function. ” concludes the report that also includes indicators of compromise (IoCs).

Passwords

Passwords Spyware VPN Malware

Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

Krebs on Security

MAY 30, 2019

Federal Communications Commission (FCC), executed a search warrant in tandem with the Royal Canadian Mounted Police (RCMP) at the home of a Toronto software developer behind the Orcus RAT , a product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015.

Computers and Electronics

Computers and Electronics Malware Software Telecommunications

A new sophisticated version of the AZORult Spyware appeared in the wild

Security Affairs

JULY 30, 2018

A new sophisticated version of the AZORult Spyware was spotted in the wild, it was involved in a large email campaign on July 18. Malware researchers at Proofpoint spotted a new version of the AZORult Spyware in the wild, it was involved in a large email campaign on July 18, just 24 hours it appeared in cybercrime forums on the Dark Web.

Spyware

Spyware Cryptocurrency Passwords Malware

German authorities raid the offices of the FinFisher surveillance firm

Security Affairs

OCTOBER 14, 2020

In September, Amnesty International uncovered a new surveillance campaign that targeted Egyptian civil society organizations with previously undisclosed versions of the infamous FinSpy surveillance spyware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Surveillance

Surveillance Spyware Software Advertising

Orcus RAT Author Charged in Malware Scheme

Krebs on Security

NOVEMBER 13, 2019

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT , a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with orchestrating an international malware scheme.

Malware

Malware Advertising Marketing System Administration

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” Who will win? Facebook or NSO Group?

Surveillance

Surveillance Spyware Advertising Government

Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Security Affairs

MAY 20, 2019

Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. In July, Citizen Lab collected evidence of attacks against 175 targets worldwide carried on with the NSO spyware. Pierluigi Paganini.

Surveillance

Surveillance Spyware Software Government

Joker malware still able to bypass Google Play Store checks

Security Affairs

FEBRUARY 22, 2020

The fight to the Joker malware (aka Bread) begun in September 2019 when security experts at Google removed from the official Play Store 24 apps because they were infected with a new spyware tracked as “ the Joker. ”. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Spyware Advertising Mobile

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Every third email, meanwhile, contained spyware , which is used by threat actors to steal payment data or other sensitive info to then put it on sale in the darknet or blackmail its owner. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, ransomware).

Phishing

Phishing Ransomware Spyware Banking

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Security Affairs

APRIL 9, 2020

Spyware turned out to be the most common malware class hiding in fraudulent COVID-19 emails, with AgentTesla topping the list of phishers’ favorite strains. Spyware: the most likely COVID-19 payload. Most COVID-19-related phishing emails analyzed had different spyware strains embedded as attachments. Source: CERT-GIB.

Phishing

Phishing Malware Spyware DDOS

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Malware in Google Apps

Trending Sources

Sextortion campaign uses Goontact spyware to target Android and iOS users

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Skygofree: New Government Malware for Android

Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs

Facebook vs NSO Group lawsuit: 1,400+ users were targeted with Pegasus spyware

XCSSET Mac spyware spreads via Xcode Projects

Regin spyware involved in attack against the Russian tech giant Yandex

WhatsApp zero-day exploited in targeted attacks to deliver NSO spyware

Earth Empusa targets minority group with Android ActionSpy spyware

Experts found Joker Spyware in 24 apps in the Google Play store

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

New FinFisher spyware used to spy on iOS and Android users in 20 countries

WhatsApp flaw CVE-2019-11931 could be exploited to install spyware

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Updated Android spyware GravityRAT steals WhatsApp Backups

Mandrake, a high sophisticated Android spyware used in targeted attacks

Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks

Experts spotted a rare Linux Desktop spyware dubbed EvilGnome

App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice

Amnesty claims that 2 Morocco rights advocates were targeted by NSO Group spyware

Unknown FinSpy Mac and Linux versions found in Egypt

Scranos – A Cross Platform, Rootkit-Enabled Spyware rapidly spreading

Parental control spyware app Family Orbit hacked, pictures of hundreds of monitored children were exposed

Google updates policies to ban any ads for surveillance solutions and services

Bitdefender spotted Triout, a new powerful Android Spyware Framework

Swedish Government grants police the use of spyware against violent crime suspects

GravityRAT malware also targets Android and macOS

A New Spyware is Targeting Telegram and Psiphon VPN Users in Iran

Second-ever UEFI rootkit used in North Korea-themed attacks

BusyGasper spyware remained undetected for two years while spying Russians

Courts Hand Down Hard Jail Time for DDoS

Exodus, a government malware that infected innocent victims

Agent Tesla includes new password-stealing capabilities from browsers and VPNs

Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

A new sophisticated version of the AZORult Spyware appeared in the wild

German authorities raid the offices of the FinFisher surveillance firm

Orcus RAT Author Charged in Malware Scheme

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Joker malware still able to bypass Google Play Store checks

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Phishers prefer Tesla, top 3 malware strains in Coronavirus phishing campaigns

Stay Connected