New LightSpy spyware targets iPhones, supporting destructive features that can block compromised devices from booting up. In May 2024, ThreatFabric researchers discovered a macOS version of LightSpy spyware that has been active in the wild since at least January 2024. The updated iOS version (7.9.0)
Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. First, forensic traces showed that Serbian police used a Cellebrite tool to unlock and extract data from his device without informing him, obtaining legal consent, or disclosing the search’s purpose.
Since March 2025, fake contract emails have been spreading Batavia spyware in targeted attacks on Russian organizations. Since March 2025, a targeted phishing campaign against Russian organizations has used fake contract-themed emails to spread the Batavia spyware, a new malware designed to steal internal documents.
North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence. The spyware uses a unique ID for each victim that is calculated through a hardware fingerprint.
A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported.
A new Android spyware was discovered in a fake Alpine Quest app, reportedly used by Russian soldiers for war zone planning. Doctor Web researchers uncovered a new spyware, tracked as Android.Spy.1292.origin. They shared a link to download the app from a Russian app catalog and later used the same channel to push a malicious update.
“House staff are NOT allowed to download or keep the WhatsApp application on any House device, including any mobile, desktop, or web browser versions of its products.” House staff are strictly prohibited from using or downloading WhatsApp on any House device. ” continues the email.
In September, security researchers from G DATA discovered more than two dozen Android mobile phones from different manufacturers already infected by pre-installed malware.
Palo Alto Networks fixed multiple privilege escalation flaws; Unusual toolset used in recent Fog Ransomware attack; A cyberattack on United Natural Foods caused bread shortages and bare shelves; Apple confirmed that Messages app flaw was actively exploited in the wild; Trend Micro fixes critical bugs in Apex Central and TMEE PolicyServer; Paragon Graphite (..)
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: Supply chain attack hits Gluestack NPM packages with 960K weekly downloads; Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721; Destructive npm Packages Disguised as Utilities Enable Remote (..)
The breach allowed the threat actor to download SMS message logs. However, delegating tasks also introduces new information security challenges. The packages imitated libraries for LLMs, whereas in fact they downloaded the JarkaStealer malware to the victim’s system. Why does it matter?
CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog; Microsoft Patch Tuesday security updates for February 2025 fixed 2 actively exploited bugs; Hacking: Attackers exploit a new zero-day to hijack Fortinet firewalls; Security: OpenSSL patched high-severity flaw CVE-2024-12797; Progress Software fixed multiple high-severity (..)
Soldier Charged in AT&T Hack Searched Can Hacking Be Treason; Group-IB contributes to joint operation of Royal Thai Police and Singapore Police Force leading to arrest of cybercriminal behind more than 90 data leaks worldwide; UAC-0173 against the Notary Office of Ukraine (CERT-UA#13738); North Korea Responsible for $1.5
A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five apps on Google Play, totaling over 32,000 downloads between 2022 and 2024.
A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown Android spyware dubbed LianSpy. If found, the file is downloaded to the application’s internal data directory.
South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing campaign. Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated Android spyware dubbed PhoneSpy. Zimperium concludes.
The threat actors used spyware to take over the target systems, spy on the victims, and exfiltrate data. The attack chain begins with spear-phishing messages that include a link to an alleged important document to download. The link points to files containing spyware that could infect both Mac OS and Windows systems.
Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy. Mods are modifications or alterations made to an application, often by third-party developers or users.
Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Pierluigi Paganini.
Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application. Pierluigi Paganini.
A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.
Researchers discovered spyware, dubbed SpinOk, hidden in 101 Android apps with over 400 million downloads in Google Play. Upon executing the module, the malware-laced SDK connects to the C2 sending back a large amount of system information about the infected device.
Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. Experts have yet to determine how the victims are initially compromised by this spyware. It doesn’t use a publicly accessible link; it includes an access token to download the MyExecute file from the drive.
Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy. BlackBerry researchers discovered a renewed cyber espionage campaign targeting South Asia with an Apple iOS spyware called LightSpy.
Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked to Variston IT, a Spanish firm. ” TAG concludes.
Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” states the analysis. The C&C URL 6.
The domain was registered on February 15th, 2022, and provides a link to download the malicious Signal Plus Messenger application either from Google Play or directly from the website” continues the report. Signal Plus Messenger can collect device data and sensitive information, and spy on the victim’s Signal communications.
The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to target a Turkic minority group. Attackers injected the malicious code to deploy the spyware in websites, some of which were actually fake. The server, in turn, may send some commands to the compromised device.
China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg. China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.
A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.
The researchers attribute the spyware to the Russia-linked Gamaredon Group. The modules used by EvilGnome are reminiscent of the Windows tools used by the Gamaredon Group; other analogies include the use of SFX, persistence with task scheduler and the deployment of information stealers. Pierluigi Paganini.
FormBook is a data-stealing malware that is used in cyber espionage campaigns, like other spyware it is capable of extracting data from HTTP sessions, keystroke logging, stealing clipboard contents. The post XLoader, a $49 spyware that could target both Windows and macOS devices appeared first on Security Affairs.
Security experts discovered a highly sophisticated Android spyware platform, dubbed Mandrake, that remained undetected for four years. Researchers from Bitdefender discovered a highly sophisticated Android spyware platform dubbed Mandrake; it was involved in highly targeted attacks against specific devices. Pierluigi Paganini.
million downloads have been discovered spying on users and sending data to China. Researchers from cybersecurity firm Pradeo discovered two malicious apps on Google Play hiding spyware and spying on up to 1.5 million users. As an individual: Do not download applications that do not have any reviews while thousands of users.
An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files. ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.
Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghur minority. The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. List of installed packages. Pierluigi Paganini.
The victim downloads and opens the malicious app that installs FluBot. FluBot downloads a list of new contacts to target. The post An international police operation dismantled FluBot spyware appeared first on Security Affairs. The victim received an SMS message that includes a link to a malicious URL. Pierluigi Paganini.
Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. “While continuing research into this group’s activity, we discovered it has distributed samples of FinSpy for Microsoft Windows through a fake Adobe Flash Player download website.
Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. Once the link is clicked, the victim is redirected to a page designed to trick users into downloading and installing a malicious application on either Android or iOS. Pierluigi Paganini.
Researchers from Kaspersky discovered several Telegram mods on the Google Play Store that contained spyware; the campaign was tracked as Evil Telegram. One of the apps was downloaded more than ten million times before it was removed from Google Play. “Attacks employing various unofficial Telegram mods are on the rise of late.
More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. ltd, the remaining 2 by the developer ??.
Threat actors are using previously undocumented Android spyware, dubbed SandStrike, to spy on a Persian-speaking religion minority. In Q3 2022, Kaspersky researchers uncovered a previously undocumented Android spyware, dubbed SandStrike, employed in an espionage campaign targeting the Persian-speaking religion minority, Bahá’í.
Every third email, meanwhile, contained spyware, which is used by threat actors to steal payment data or other sensitive info to then put it on sale in the darknet or blackmail its owner. Another 17 percent contained downloaders, while backdoors and banking Trojans came third with 16- and 15-percent shares, respectively.