Download, Information Security, Spyware and Surveillance

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. The malware is able to steal sensitive data, record audio, and download arbitrary files.

Surveillance

Surveillance Spyware Malware Mobile

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm. ” TAG concludes.

Spyware

Spyware Surveillance Risk Internet

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. Upon installing the two spyware, they request extensive device permissions.

Spyware

Spyware Surveillance Mobile Malware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. TAG researchers tracked more than 30 vendors selling exploits or surveillance capabilities to nation-state actors. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Telecommunications

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). However, much of the victim data points to its broader usage, which indicates targeted surveillance efforts towards minorities within Iran.”

Surveillance

Surveillance Malware Spyware Education

Sophisticated Android spyware PhoneSpy infected thousands of Korean phones

Security Affairs

NOVEMBER 10, 2021

South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing campaign. Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated android spyware dubbed PhoneSpy. Zimperium concludes.

Spyware

Spyware Mobile Social Engineering Surveillance

Donot Team targets a Togo prominent activist with Indian-made spyware

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia.

Spyware

Spyware Surveillance Accountability Mobile

Experts spotted two Android spyware used by Indian APT Confucius

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Pierluigi Paganini.

Spyware

Spyware Surveillance Malware Mobile

Experts spotted a new advanced Android spyware posing as “System Update”

Security Affairs

MARCH 27, 2021

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application.

Spyware

Spyware Malware Surveillance Mobile

APT C-23 group targets Middle East with an enhanced Android spyware variant

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware

Spyware Social Engineering Surveillance Engineering

APT32 state hackers target human rights defenders with spyware

Security Affairs

FEBRUARY 24, 2021

The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. “This unlawful surveillance violates the right to privacy and stifles freedom of expression.” The link points to files containing spyware that could infect both Mac OS or Windows systems. Pierluigi Paganini.

Spyware

Spyware Surveillance Government Phishing

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. In May, Facebook has patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Surveillance

Surveillance Spyware Advertising Government

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. ” reads the Amnesty’s report.

Spyware

Spyware Surveillance Mobile Advertising

Watch out! CVE-2023-5129 in libwebp library affects millions applications

Security Affairs

SEPTEMBER 27, 2023

The issue made the headline under another CVEs because it was actively exploited to deploy surveillance spyware, and it was tracked separately as CVE-2023-41064 and CVE-2023-4863. Rezilion researchers reported that the scope of this vulnerability is much wider than initially assumed. ” reads the analysis published by Rezilion.

Spyware

Spyware Surveillance Software Hacking

Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition

Security Affairs

APRIL 16, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches

Data breaches Spyware Retail Surveillance

Baidu Android apps removed from Play Store because caught collecting user details

Security Affairs

NOVEMBER 24, 2020

The two apps were discovered by Palo Alto Networks, which identify them, along with other apps leaking data, using a machine learning (ML)-based spyware detection system. The two apps had a total of more than 6 million downloads at the time of their discovery.

Data collection

Data collection Mobile Spyware Surveillance

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 24, 2023

0-days exploited by commercial surveillance vendor in Egypt PREDATOR IN THE WIRES OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes Cybersecurity Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

Cyber Attacks

Cyber Attacks Firewall Data breaches Telecommunications

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches

Data breaches Malware Mobile Spyware

MoonBounce UEFI implant spotted in a targeted APT41 attack

Security Affairs

JANUARY 21, 2022

“The purpose of the implant is to facilitate the deployment of user-mode malware that stages execution of further payloads downloaded from the internet;” reads the analysis published by Kaspersky. A UEFI bootkit implanted in the firmware could not be detected by AVs and any defense solution running on the OS level.

Firmware

Firmware Malware Spyware Surveillance

Security Affairs newsletter Round 221 – News of the week

Security Affairs

JULY 7, 2019

ViceLeaker Android spyware targets users in the Middle East. China installs a surveillance app on tourists phones while crossing in the Xinjiang. Updates for Samsung, the scam app with 10M+ downloads. Israeli blamed Russia for jamming at Israeli Ben Gurion airport. New variant of Dridex banking Trojan implements polymorphism.

Scams

Scams Spyware DNS Advertising

Cyber Security Informer

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Google links three exploitation frameworks to Spanish commercial spyware vendor Variston

Webinars

Trending Sources

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Webinars

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Sophisticated Android spyware PhoneSpy infected thousands of Korean phones

Donot Team targets a Togo prominent activist with Indian-made spyware

Experts spotted two Android spyware used by Indian APT Confucius

Experts spotted a new advanced Android spyware posing as “System Update”

APT C-23 group targets Middle East with an enhanced Android spyware variant

APT32 state hackers target human rights defenders with spyware

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Unknown FinSpy Mac and Linux versions found in Egypt

Watch out! CVE-2023-5129 in libwebp library affects millions applications

Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition

Baidu Android apps removed from Play Store because caught collecting user details

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

MoonBounce UEFI implant spotted in a targeted APT41 attack

Security Affairs newsletter Round 221 – News of the week

Stay Connected