2017, Information Security and Spyware - Cyber Security Informer

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware

Spyware Surveillance Mobile Malware

CloudMensis spyware went undetected for many years

Security Affairs

JULY 19, 2022

Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. Experts have yet to determine how the victims are initially compromised by this spyware. The post CloudMensis spyware went undetected for many years appeared first on Security Affairs. Pierluigi Paganini.

Spyware

Spyware Malware Authentication Architecture

Updated Android spyware GravityRAT steals WhatsApp Backups

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups

Backups Spyware Malware Accountability

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. Cybersecurity and Infrastructure Security Agency (CISA) has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Spyware

Spyware Surveillance Mobile Education

APT C-23 group targets Middle East with an enhanced Android spyware variant

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware

Spyware Social Engineering Surveillance Engineering

Donot Team targets a Togo prominent activist with Indian-made spyware

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.

Spyware

Spyware Surveillance Accountability Mobile

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. reads the analysis published by Amnesty International in October. ” reads the report published by Amnesty International.

Spyware

Spyware Surveillance Mobile Advertising

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware

Spyware Advertising Encryption Phishing

XLoader, a $49 spyware that could target both Windows and macOS devices

Security Affairs

JULY 21, 2021

FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. The malware was pulled from sale in 2017, but it continued to infect systems across the world. Pierluigi Paganini.

Spyware

Spyware Malware Cybercrime Advertising

Mandrake, a high sophisticated Android spyware used in targeted attacks

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Banking

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Security Affairs

FEBRUARY 6, 2024

“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, commercial spyware )

Cryptocurrency

Cryptocurrency Spyware Cybercrime Hacking

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. Kaspersky researchers revealed to have found MosaicRegressor components at several dozen entities between 2017 and 2019.

Firmware

Firmware Spyware Surveillance Hacking

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

A new shocking revelation comes from the disputed from NSO Group and Facebook, NSO CEO claims Facebook tried to buy an Apple spying software in 2017. “According to a declaration from NSO CEO Shalev Hulio , two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use certain capabilities of Pegasus.”

Surveillance

Surveillance Spyware Advertising Government

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. ” reads an analysis published by Cisco Talos that spotted the malware back in 2017 when it was used by an APT group targeting India.

Malware

Malware Computers and Electronics Spyware Advertising

Al Jazeera detected and blocked disruptive cyberattacks

Security Affairs

JUNE 11, 2021

The attackers used an exploit chain named Kismet that was part of the arsenal of the controversial Pegasus spyware that is sold by the surveillance firm NSO Group. In June 2017, the Qatari news channel announced that all its systems were under a large-scale cyber attack.

Cyber Attacks

Cyber Attacks Media Spyware Hacking

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs

MAY 23, 2023

In the latest campaign uncovered by Kaspersky, the APT group, used a modular framework dubbed CloudWizard that supports spyware capabilities, including taking screenshots, microphone recording, harvesting Gmail inboxes, and keylogging. Since 2017, there have been no traces of Groundbait and BugDrop operations.

Malware

Malware Spyware Encryption Phishing

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017. FormBook data-stealing malware was used with cyber espionage purposes, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents.

Malware

Malware Scams Social Engineering Phishing

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Hacking Advertising Antivirus

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs

APRIL 28, 2020

The PhantomLance malware implements classic spyware functionalities, it could exfiltrate user data, phone call logs, SMS messages, contacts, and GPS data. Android version, installed apps). . The malicious code is also able to deploy additional malicious payloads. . . Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Spyware Marketing

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

Security Affairs

APRIL 8, 2019

According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8 Hence, the task of preventing information security incidents for critical information infrastructures should be addressed at the legislative level. Map of Middle-Eastern Countries.

Artificial Intelligence

Artificial Intelligence Government Banking Advertising

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Worldwide spending on information security products and services rose to $114 billion in 2018, up from $102 billion in 2017, an increase of 12.4 Google and Apple have invested a lot into securing their respective app stores. Apps from other sources can carry malware or spyware.

Passwords

Passwords Password Management Antivirus Internet

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

Security researchers at ESET recently uncovered a campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations in the military sector and diplomatic missions in Eastern Europe. The attack chain begins with the deployment of a TCP downloader that fetches the next stage payload.

DNS

DNS Advertising Spyware Software

Australian man charged with creating and selling the Imminent Monitor spyware

Security Affairs

AUGUST 1, 2022

An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used for criminal purposes. The 24-year-old Australian national Jacob Wayne John Keen has been charged for his alleged role in the development and sale of spyware known as Imminent Monitor (IM). Pierluigi Paganini.

Spyware

Spyware Malware Cybercrime Hacking

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Security Affairs

MAY 20, 2019

Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. In July, Citizen Lab collected evidence of attacks against 175 targets worldwide carried on with the NSO spyware.

Surveillance

Surveillance Spyware Software Government

Security Affairs newsletter Round 221 – News of the week

Security Affairs

JULY 7, 2019

ViceLeaker Android spyware targets users in the Middle East. US Cyber Command warns of Iran-linked hackers exploiting CVE-2017-11774 Outlook flaw. Magento fixed security flaws that allow complete site takeover. Israeli blamed Russia for jamming at Israeli Ben Gurion airport. Cyber Defense Magazine – July 2019 has arrived.

Scams

Scams Spyware DNS Advertising

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

The ability to get information from clouds that are normally thought secure, notably Apple's iCloud, is new for Pegasus. Reports suggest that smishing is one possible attack vector for the spyware. Federal Trade Commission announced today that Equifax will pay $575 million in its settlement over the credit bureau's 2017 breach.

Energy and Utilities

Energy and Utilities Penetration Testing Government Education

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime

Cybercrime Spyware Data breaches Antivirus

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

ForAllSecure

AUGUST 14, 2019

The ability to get information from clouds that are normally thought secure, notably Apple's iCloud, is new for Pegasus. Reports suggest that smishing is one possible attack vector for the spyware. Federal Trade Commission announced today that Equifax will pay $575 million in its settlement over the credit bureau's 2017 breach.

Energy and Utilities

Energy and Utilities Penetration Testing Government Education

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

ForAllSecure

AUGUST 14, 2019

The ability to get information from clouds that are normally thought secure, notably Apple's iCloud, is new for Pegasus. Reports suggest that smishing is one possible attack vector for the spyware. Federal Trade Commission announced today that Equifax will pay $575 million in its settlement over the credit bureau's 2017 breach.

Energy and Utilities

Energy and Utilities Penetration Testing Government Education

Cyber Security Informer

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

CloudMensis spyware went undetected for many years

Trending Sources

Updated Android spyware GravityRAT steals WhatsApp Backups

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

APT C-23 group targets Middle East with an enhanced Android spyware variant

Donot Team targets a Togo prominent activist with Indian-made spyware

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Earth Empusa targets minority group with Android ActionSpy spyware

XLoader, a $49 spyware that could target both Windows and macOS devices

Mandrake, a high sophisticated Android spyware used in targeted attacks

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Second-ever UEFI rootkit used in North Korea-themed attacks

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

GravityRAT malware also targets Android and macOS

Al Jazeera detected and blocked disruptive cyberattacks

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs newsletter Round 261

PhantomLance, a four-year-long cyberespionage spying campaign

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Australian man charged with creating and selling the Imminent Monitor spyware

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Most Common Types of Malware in 2021

Amnesty International filed a lawsuit against Israeli surveillance firm NSO

Security Affairs newsletter Round 221 – News of the week

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

The CyberWire Daily Podcast EP. 389 With Guest Speaker David Brumley

THE CYBERWIRE DAILY PODCAST EP. 389 WITH GUEST SPEAKER DAVID BRUMLEY

Stay Connected