Trojan horse-based malware attacks and spyware rose sharply in 2018 as ransomware-based attacks declined, according to a new report published by Malwarebytes. Ransomware attacks remain a persistent threat, but are not as prevalent as they were at their peak in 2017, which coincided with the meteoric rise in cryptocurrency values.
The Android tool, codenamed EagleMsgSpy by Lookout, has been operational since at least 2017, with artifacts uploaded to the VirusTotal malware scanning platform as recently as
The vulnerability, tracked as CVE-2024-44133, was fixed in the September 16 update for Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac Mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later).
The activities continue: the most recently observed domain was registered on October 31, 2017. Moreover, as we dived deeper into the investigation, we discovered several spyware tools for Windows that form an implant for exfiltrating sensitive data on a targeted machine. BoingBoing post.
Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group's spyware, according to the analysis published by Amnesty International in October.
A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five apps on Google Play, totaling over 32,000 downloads between 2022 and 2024.
A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.
The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to target a Turkic minority group. “ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.
Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets Apple macOS systems. Experts have yet to determine how the victims are initially compromised by this spyware. The post CloudMensis spyware went undetected for many years appeared first on Security Affairs.
A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.
Meta Platforms disclosed that it took down no less than 200 covert influence operations since 2017 spanning roughly 70 countries across 42 languages. The social media conglomerate also took steps to disable accounts and block infrastructure operated by spyware vendors, including in China, Russia, Israel, the U.S.
China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg. China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.
Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a highly sophisticated Android spyware platform dubbed Mandrake; it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.
In February 2017, authorities in the United Kingdom arrested Kaye and extradited him to Germany to face charges of knocking more than 900,000 Germans offline in a Mirai attack in November 2016. As reported by Israeli news outlet Haaretz, Kaye testified that the attack was ordered by the CEO of Cellcom Liberia. to face charges there.
FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. The malware was pulled from sale in 2017, but it continued to infect systems across the world. Pierluigi Paganini.
An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files. ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.
CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. The exploits were used to install commercial spyware and malicious apps on targets’ devices. The threat actors behind the attacks used both zero-day and n-day exploits in their exploits.
The popular malware researcher Lukas Stefanko from ESET discovered that a malicious spyware, built on the AhMyth open-source espionage tool, was uploaded on Google Play twice over two weeks, bypassing Google security checks. ” The source code of the RAT is available on GitHub since October 2017. ” wrote Stefanko.
NSO Group's surveillance spyware made the headlines again; this time the malware was used to spy on 2 rights activists in Morocco, according to Amnesty International. Amnesty International collected evidence of new abuses of the NSO Group's surveillance spyware; this time the malware was used to spy on two rights activists in Morocco.
These documents suggest the existence of an iOS conversion of the spyware that has yet to be uncovered. The surveillance tool family has been active since 2017, the experts highlighted that it requires physical access to the target device to initiate operations. ” reads the report published by Lookout.
Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.
A threat actor associated with cyberespionage operations since at least 2017 has been luring victims with fake VPN software for Android that is a trojanized version of legitimate software SoftVPN and OpenVPN.
Until a report this week, Uber's Surfcam's use was thought to be limited to incidents uncovered in Singapore in 2017. For its part, Uber denies that it's a "spyware."
A new shocking revelation comes from the dispute between NSO Group and Facebook: NSO CEO claims Facebook tried to buy an Apple spying software in 2017. “According to a declaration from NSO CEO Shalev Hulio, two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use certain capabilities of Pegasus.”
“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” Pierluigi Paganini (SecurityAffairs – hacking, commercial spyware)
Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. The researchers argue that the surveillance operation might have targeted also innocent victims because the spyware was poorly developed, a circumstance that is confirmed makes the software illegal.
The experts were investigating several suspicious UEFI firmware images when they discovered four components, some of which were borrowing the source code of a Hacking Team spyware. Kaspersky researchers revealed to have found MosaicRegressor components at several dozen entities between 2017 and 2019.
of all Mac detections in 2020—the rest can be attributed to Potentially Unwanted Programs (PUPs) and Adware. ThiefQuest tricked many researchers into believing it was the first example of ransomware on macOS since 2017, but the malware was hiding its real activity of massive data exfiltration. New adversaries crawled out of the woodwork, too.
Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. ” reads an analysis published by Cisco Talos that spotted the malware back in 2017 when it was used by an APT group targeting India.
Amnesty International filed a lawsuit against Israeli surveillance firm NSO and fears its staff may be targeted by the company with its Pegasus spyware. In July, Citizen Lab collected evidence of attacks against 175 targets worldwide carried on with the NSO spyware.
The attackers used an exploit chain named Kismet that was part of the arsenal of the controversial Pegasus spyware that is sold by the surveillance firm NSO Group. In June 2017, the Qatari news channel announced that all its systems were under a large-scale cyber attack.
The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017. FormBook data-stealing malware was used with cyber espionage purposes, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents.
Throughout the day we will have a chance to meet dozens of more than 350 strategic buyers and […] The post Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference appeared first on Seceon. The post Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference appeared first on Security Boulevard.
The tool, operational since at least 2017,... The post EagleMsgSpy: Unmasking a Sophisticated Chinese Surveillance Tool appeared first on Cybersecurity News. Researchers at the Lookout Threat Lab have identified a sophisticated surveillance tool, dubbed EagleMsgSpy, reportedly used by law enforcement agencies in mainland China.
According to a joint CISA and FBI advisory, CVE-2017-11882 was among the most exploited software vulnerabilities between 2016 and 2019. So it seems that bad actors are still hunting for outdated and unpatched software that can easily be compromised.
Epeius is a commercial spyware tool developed by an Italian company that claims to provide intelligence solutions to law enforcement agencies and governments. MuddyWater is an APT actor that surfaced in 2017 and has traditionally targeted countries in the Middle East, Europe and the USA.
The PhantomLance malware implements classic spyware functionalities, it could exfiltrate user data, phone call logs, SMS messages, contacts, and GPS data. Android version, installed apps). The malicious code is also able to deploy additional malicious payloads.
The group was first spotted by ESET in 2018, when the experts detected a sophisticated piece of spyware, tracked as InvisiMole, used in targeted attacks in Russia and Ukraine in the previous five years. The attack chain begins with the deployment of a TCP downloader that fetches the next stage payload.
Worldwide spending on information security products and services rose to $114 billion in 2018, up from $102 billion in 2017, an increase of 12.4 percent, according to tech consultancy Gartner. Apps from other sources can carry malware or spyware. To be sure, it’s not as if the good guys aren’t also innovating.
The Russia-linked APT Gamaredon used two new Android spyware tools called BoneSpy and PlainGnome against former Soviet states. net, consistent with Gamaredon's techniques since 2017. Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to the Russian APT group Gamaredon (a.k.a.
Since at least 2017, the prolific gang compromised at least 500,000 government and private sector companies in more than 150 countries. The investigation continues as some of the gang members remain at large. 4 The example of the compromised data from the cybercriminals’ logs.
WSJ says Equifax to Pay $700 million settlement for 2017 breach. Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks. Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens. New APT34 campaign uses LinkedIn to deliver fresh malware.