2017 and Spyware - Cyber Security Informer

Trojans and Spyware Are Making a Comeback

Adam Levin

JANUARY 25, 2019

Trojan horse-based malware attacks and spyware rose sharply in 2018 as ransomware-based attacks declined, according to a new report published by Malwarebytes. Ransomware attacks remain a persistent threat, but are not as prevalent as they were at their peak in 2017, which coincided with the meteoric rise in cyptocurrency values.

Spyware

Spyware Ransomware Banking Malware

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware

Spyware Surveillance Mobile Malware

CloudMensis spyware went undetected for many years

Security Affairs

JULY 19, 2022

Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. Experts have yet to determine how the victims are initially compromised by this spyware. The post CloudMensis spyware went undetected for many years appeared first on Security Affairs. ” continues the post.

Spyware

Spyware Malware Authentication Architecture

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Updated Android spyware GravityRAT steals WhatsApp Backups

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups

Backups Spyware Malware Accountability

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. The exploits were used to install commercial spyware and malicious apps on targets’ devices. The threat actors behind the attacks used both zero-day and n-day exploits in their exploits.

Spyware

Spyware Surveillance Mobile Education

APT C-23 group targets Middle East with an enhanced Android spyware variant

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware

Spyware Social Engineering Surveillance Engineering

Donot Team targets a Togo prominent activist with Indian-made spyware

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.

Spyware

Spyware Surveillance Accountability Mobile

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Security Affairs

JUNE 22, 2020

Researchers at Amnesty International collected evidence that a Moroccan journalist was targeted with network injection attacks using NSO Group ‘s spyware. reads the analysis published by Amnesty International in October. ” reads the report published by Amnesty International.

Spyware

Spyware Surveillance Mobile Advertising

Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference

Security Boulevard

MAY 31, 2023

Throughout the day we will have a chance to meet dozens of more than 350 strategic buyers and […] The post Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference appeared first on Seceon. The post Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference appeared first on Security Boulevard.

Technology

Technology Artificial Intelligence Spyware DDOS

Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference

Security Boulevard

MAY 31, 2023

Throughout the day we will have a chance to meet dozens of more than 350 strategic buyers and […] The post Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference appeared first on Seceon. The post Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference appeared first on Security Boulevard.

Technology

Technology Artificial Intelligence Spyware DDOS

Hackers modify popular OpenVPN Android app to include spyware

Bleeping Computer

NOVEMBER 24, 2022

A threat actor associated with cyberespionage operations since at least 2017 has been luring victims with fake VPN software for Android that is a trojanized version of legitimate software SoftVPN and OpenVPN. [.].

Spyware

Spyware VPN Software

Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware

Malware Phishing Spyware Cyber threats

Earth Empusa targets minority group with Android ActionSpy spyware

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware

Spyware Advertising Encryption Phishing

XLoader, a $49 spyware that could target both Windows and macOS devices

Security Affairs

JULY 21, 2021

FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. The malware was pulled from sale in 2017, but it continued to infect systems across the world. Pierluigi Paganini.

Spyware

Spyware Malware Cybercrime Advertising

Uber Deployed ‘Surfcam Spyware’ in Australia to Crush the Competition – Report

Threatpost

MARCH 20, 2019

Until a report this week, Uber's Surfcam's use was thought to be limited to incidents uncovered in Singapore in 2017. For its part, Uber denies that it's a "spyware.".

Spyware

Spyware Malware

Mandrake, a high sophisticated Android spyware used in targeted attacks

Security Affairs

MAY 18, 2020

Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a high-sophisticated Android spyware platform dubbed Mandrake, it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.

Spyware

Spyware Malware Advertising Banking

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Security Affairs

FEBRUARY 6, 2024

“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, commercial spyware )

Cryptocurrency

Cryptocurrency Spyware Cybercrime Hacking

Skygofree: New Government Malware for Android

Schneier on Security

JANUARY 22, 2018

The activities continue: the most recently observed domain was registered on October 31, 2017. Moreover, as we dived deeper into the investigation, we discovered several spyware tools for Windows that form an implant for exfiltrating sensitive data on a targeted machine. BoingBoing post.

Malware

Malware Government Spyware Hacking

App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice

Security Affairs

AUGUST 22, 2019

The popular malware researcher Lukas Stefanko from ESET discovered that a malicious spyware, built on the AhMyth open-source espionage tool, was uploaded on Google Play twice over two weeks, bypassing Google security checks. ” The source code of the RAT is available on GitHub since October 2017. . ” wrote Stafanko.

Spyware

Spyware Advertising Malware Mobile

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. Kaspersky researchers revealed to have found MosaicRegressor components at several dozen entities between 2017 and 2019.

Firmware

Firmware Spyware Surveillance Hacking

Exodus, a government malware that infected innocent victims

Security Affairs

MARCH 30, 2019

Security researchers have found a new government spyware, tracked as Exodus, that was distributed through the Google Play Store. The researchers argue that the surveillance operation might have targeted also innocent victims because the spyware was poorly developed, a circumstance that is confirmed makes the software illegal.

Government

Government Malware Spyware Surveillance

Extortion, precision malware, and ruthless scams. Read the State of Malware 2021 report

Malwarebytes

FEBRUARY 16, 2021

of all Mac detections in 2020—the rest can be attributed to Potentially Unwanted Programs (PUPs) and Adware ThiefQuest tricked many researchers into believing it was the first example of ransomware on macOS since 2017, but the malware was hiding its real activity of massive data exfiltration. New adversaries crawled out of the woodwork, too.

Malware

Malware Scams Spyware Healthcare

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

A new shocking revelation comes from the disputed from NSO Group and Facebook, NSO CEO claims Facebook tried to buy an Apple spying software in 2017. “According to a declaration from NSO CEO Shalev Hulio , two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use certain capabilities of Pegasus.”

Surveillance

Surveillance Spyware Advertising Government

Threat Actors Spread Agent Tesla Disguised as COVID-19 Vaccination Registration

Hot for Security

JUNE 18, 2021

According to a joint CISA and FBI advisory , CVE-2017-11882 was among the most exploited software vulnerabilities between 2016 and 2019. So it seems that bad actors are still hunting for outdated and unpatched software that can easily be compromised.

Phishing

Phishing Malware Spyware Software

Al Jazeera detected and blocked disruptive cyberattacks

Security Affairs

JUNE 11, 2021

The attackers used an exploit chain named Kismet that was part of the arsenal of the controversial Pegasus spyware that is sold by the surveillance firm NSO Group. In June 2017, the Qatari news channel announced that all its systems were under a large-scale cyber attack.

Cyber Attacks

Cyber Attacks Media Spyware Hacking

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

Researchers spotted new variants of the Windows GravityRAT spyware that now can also infect Android and macOS devices. ” reads an analysis published by Cisco Talos that spotted the malware back in 2017 when it was used by an APT group targeting India.

Malware

Malware Computers and Electronics Spyware Advertising

New Coronavirus-themed malspam campaign delivers FormBook Malware

Security Affairs

MARCH 8, 2020

The final payload is the FormBook information-stealing Trojan, a malware that was first spotted by researchers at FireEye in October 2017. FormBook data-stealing malware was used with cyber espionage purposes, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents.

Malware

Malware Scams Social Engineering Phishing

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs

MAY 23, 2023

In the latest campaign uncovered by Kaspersky, the APT group, used a modular framework dubbed CloudWizard that supports spyware capabilities, including taking screenshots, microphone recording, harvesting Gmail inboxes, and keylogging. Since 2017, there have been no traces of Groundbait and BugDrop operations.

Malware

Malware Spyware Encryption Phishing

Threat Actors Spread Agent Tesla Disguised as COVID-19 Vaccination Registration

Hot for Security

JUNE 18, 2021

According to a joint CISA and FBI advisory , CVE-2017-11882 was among the most exploited software vulnerabilities between 2016 and 2019. So it seems that bad actors are still hunting for outdated and unpatched software that can easily be compromised.

Phishing

Phishing Malware Spyware Software

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Hacking Advertising Antivirus

PhantomLance, a four-year-long cyberespionage spying campaign

Security Affairs

APRIL 28, 2020

The PhantomLance malware implements classic spyware functionalities, it could exfiltrate user data, phone call logs, SMS messages, contacts, and GPS data. Android version, installed apps). . The malicious code is also able to deploy additional malicious payloads. . . Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Spyware Marketing

Operation Falcon: Group-IB helps INTERPOL identify Nigerian BEC ring members

Security Affairs

NOVEMBER 25, 2020

Since at least 2017, the prolific gang compromised at least 500,000 government and private sector companies in more than 150 countries. The investigation continues as some of the gang members remain at large. 4 The example of the compromised data from the cybercriminals’ logs.

Cybercrime

Cybercrime Phishing Social Engineering Spyware

Security Affairs newsletter Round 224 – News of the week

Security Affairs

JULY 28, 2019

WSJ says Equifax to Pay $700 million settlement for 2017 breach. Android Spyware Monokle, developed by Russian defense contractor, used in targeted attacks. Kazakhstan wants to intercept all HTTPS Internet traffic of its citizens. New APT34 campaign uses LinkedIn to deliver fresh malware.

Antivirus

Antivirus Spyware Advertising Hacking

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

The group was first spotted by ESET in 2018, when the experts detected a sophisticated piece of spyware, tracked as InvisiMole, used in targeted attacks in Russia and Ukraine in the previous five years. The attack chain begins with the deployment of a TCP downloader that fetches the next stage payload.

DNS

DNS Advertising Spyware Software

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

2017 analysis of the RAT. However, these tools tend to be viewed by prosecutors as malware and spyware when their proprietors advertise them as hacking devices and provide customer support aimed at helping buyers deploy the RATs stealthily and evade detection by anti-malware programs.

Advertising

Advertising Malware Marketing Software

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

Security Affairs

APRIL 8, 2019

According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, the details of 1.8 According to Group-IB experts, cybercriminals might have used special spyware to steal user credentials — formgrabbers, keyloggers, such as Pony Formgrabber and AZORult. Map of Middle-Eastern Countries.

Artificial Intelligence

Artificial Intelligence Government Banking Advertising

CSE Malware ZLab – Chinese APT27 ’s long-term espionage campaign in Syria is still ongoing

Security Affairs

JULY 23, 2018

Security researchers from CSE Cybsec Z-Lab analyzed the content of the folder and discovered an Android spyware that was developed to exfiltrate sensitive information from victims’ devices. The homepage shows how the application works and includes some slides about it.

Malware

Malware Spyware Advertising Mobile

Identifying Common Types of Cyberattacks

SiteLock

AUGUST 27, 2021

You may be most familiar with computer malware such as Trojan viruses and spyware, which can be used to retrieve sensitive data from a computer or even take control of the system. You’ve likely read about high-profile cyberattacks in the headlines after a major data breach, such as the Equifax breach in 2017. Ransomware. Malvertising.

Small Business

Small Business DDOS Malware Phishing

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Worldwide spending on information security products and services rose to $114 billion in 2018, up from $102 billion in 2017, an increase of 12.4 Apps from other sources can carry malware or spyware. To be sure, it’s not as if the good guys aren’t also innovating. percent, according to tech consultancy Gartner.

Passwords

Passwords Password Management Antivirus Internet

MY TAKE: New ‘cyberthreat index’ shows SMBs cognizant of big risks, ill-prepared to deal with them

The Last Watchdog

MAY 2, 2019

In 2017, for instance, SMBs were under tremendous pressure to defend their networks against rapidly morphing ransomware attacks. In 2018, attackers shifted their focus to refining and deploying banking trojans, which essentially act as spyware.

Risk

Risk Cyber Risk Cyber threats Banking

Australian man charged with creating and selling the Imminent Monitor spyware

Security Affairs

AUGUST 1, 2022

An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used for criminal purposes. The 24-year-old Australian national Jacob Wayne John Keen has been charged for his alleged role in the development and sale of spyware known as Imminent Monitor (IM). Pierluigi Paganini.

Spyware

Spyware Malware Cybercrime Hacking

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Security Affairs

MARCH 19, 2019

Group-IB Threat Intelligence team identified hundreds of compromised credentials from Singaporean government agencies and educational institutions over the course of 2017 and 2018. Cybercriminals steal user accounts’ data using special spyware aimed at obtaining users’ authentication data. Have you been pwned?

Banking

Banking Government Passwords Marketing

Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India

The Hacker News

DECEMBER 19, 2022

Meta Platforms disclosed that it took down no less than 200 covert influence operations since 2017 spanning roughly 70 countries across 42 languages. The social media conglomerate also took steps to disable accounts and block infrastructure operated by spyware vendors, including in China, Russia, Israel, the U.S.

Spyware

Spyware Media Accountability

Threat landscape for industrial automation systems. Statistics for H2 2020

SecureList

MARCH 25, 2021

Percentage of ICS computers on which malicious objects were blocked, by half-year, 2017 – 2020 ( download ). There was a rise in the percentage of ICS computers on which threats distributed over the internet and email, and spyware and miners were blocked. Spyware (+1.4 percentage points (p.p.)

Ransomware

Ransomware Spyware Internet Internet

Trojans and Spyware Are Making a Comeback

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Webinars

Trending Sources

CloudMensis spyware went undetected for many years

Webinars

Updated Android spyware GravityRAT steals WhatsApp Backups

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

APT C-23 group targets Middle East with an enhanced Android spyware variant

Donot Team targets a Togo prominent activist with Indian-made spyware

Moroccan journalist targeted with network injection attacks using NSO Group ‘s spyware

Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference

Seceon to Participate In AGC Partners’ 2017 Boston Technology Growth Conference

Hackers modify popular OpenVPN Android app to include spyware

Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

Earth Empusa targets minority group with Android ActionSpy spyware

XLoader, a $49 spyware that could target both Windows and macOS devices

Uber Deployed ‘Surfcam Spyware’ in Australia to Crush the Competition – Report

Mandrake, a high sophisticated Android spyware used in targeted attacks

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Skygofree: New Government Malware for Android

App tainted with Ahmyst Open-source spyware appeared on Google Play Store twice

Second-ever UEFI rootkit used in North Korea-themed attacks

Exodus, a government malware that infected innocent victims

Extortion, precision malware, and ruthless scams. Read the State of Malware 2021 report

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Threat Actors Spread Agent Tesla Disguised as COVID-19 Vaccination Registration

Al Jazeera detected and blocked disruptive cyberattacks

GravityRAT malware also targets Android and macOS

New Coronavirus-themed malspam campaign delivers FormBook Malware

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Threat Actors Spread Agent Tesla Disguised as COVID-19 Vaccination Registration

Security Affairs newsletter Round 261

PhantomLance, a four-year-long cyberespionage spying campaign

Operation Falcon: Group-IB helps INTERPOL identify Nigerian BEC ring members

Security Affairs newsletter Round 224 – News of the week

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Canadian Police Raid ‘Orcus RAT’ Author

Gulf countries came under hackers’ spotlight in 2018, with more than 130 000 payment cards compromised

CSE Malware ZLab – Chinese APT27 ’s long-term espionage campaign in Syria is still ongoing

Identifying Common Types of Cyberattacks

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

MY TAKE: New ‘cyberthreat index’ shows SMBs cognizant of big risks, ill-prepared to deal with them

Australian man charged with creating and selling the Imminent Monitor spyware

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India

Threat landscape for industrial automation systems. Statistics for H2 2020

Stay Connected