Security Affairs

NOVEMBER 10, 2021

South Korean users have been targeted with a new sophisticated Android spyware, tracked as PhoneSpy, as part of an ongoing campaign. Researchers from Zimperium zLabs uncovered an ongoing campaign aimed at infecting the mobile phones of South Korean users with new sophisticated android spyware dubbed PhoneSpy. Zimperium concludes.

Spyware 141

Spyware Mobile Social Engineering Surveillance 141

SecureList

MARCH 20, 2024

Introduction Malware for mobile devices is something we come across very often. million malware, adware, and riskware attacks on mobile devices. Last month, we wrote a total of four private crimeware reports on Android malware, three of which are summarized below. In 2023 , our technologies blocked 33.8 and sends it to the C2.

Malware 85

Malware Mobile Firmware Spyware 85

Malwarebytes

APRIL 28, 2021

Using a proven method of text messages about missed deliveries, an old player on the Android malware stage has returned for an encore. This time it seems to be very active, especially in the UK where Android users are being targeted by text messages containing a link to a particularly nasty piece of spyware called Flubot.

Spyware 138

Spyware Banking Malware Passwords 138

The State of Security

JULY 20, 2022

Three million Android users may have lost money and had their devices infected by spyware, after the discovery that the official Google Play store has been distributing apps infected by a new family of malware. Read more in my article on the Tripwire State of Security blog.

Spyware 103

Spyware Malware 103

Malwarebytes

JUNE 29, 2022

Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful commercial spyware onto users’ mobile devices. The spyware, dubbed Hermit, is reported to have government clients much like Pegasus.

Spyware 108

Spyware Government Social Engineering Mobile 108

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Malware 98

Malware Phishing Spyware Cyber threats 98

Hackology

NOVEMBER 11, 2023

The emergence of Kamran spyware, targeting users of a regional news website, has raised concerns among cybersecurity experts. Distributed through a possible watering-hole attack on the Hunza News website , the spyware prompts users to grant permissions, allowing access to sensitive data.

Spyware 45

Spyware Malware Risk Mobile 45

Security Affairs

JUNE 16, 2023

An updated version of the Android remote access trojan GravityRAT can steal WhatsApp backup files and can delete files ESET researchers discovered an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can delete files. The malware is distributed as the messaging apps BingeChat and Chatico.

Backups 94

Backups Spyware Malware Accountability 94

Security Affairs

AUGUST 30, 2023

The malware distributed by the nation-state actors is Android BadBazaar , which has been previously employed in attacks aimed at Uyghurs and other Turkic ethnic minorities. The campaigns observed by the researchers are likely active since July 2020 and since July 2022, respectively. org) and a Telegram alternative app (flygram[.]org).”

Spyware 116

Spyware Accountability Malware Hacking 116

Security Boulevard

JANUARY 5, 2023

What is Malware? Malware is a type of software that is designed to infiltrate or damage computer systems without the user’s knowledge. It can take many forms, such as viruses, worms, Trojans, ransomware, and spyware. The post Malware appeared first on Cyborg Security.

Malware 70

Malware Spyware Media Ransomware 70

Security Affairs

MARCH 27, 2021

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application. ” concludes the report.

Spyware 106

Spyware Malware Surveillance Mobile 106

SecureList

JUNE 21, 2023

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest of the chain and obtaining the final spyware payload. running on iOS 15.3.1

Spyware 134

Spyware Encryption Passwords Backups 134

Malwarebytes

APRIL 11, 2024

Mercenary spyware is used by governments to target people like journalists, political activists, and similar targets, and involves the use of sophisticated tools like Pegasus. Pegasus is one of the world’s most advanced and invasive spyware tools, known to utilize zero-day vulnerabilities against mobile devices. Use a password manager.

Spyware 120

Spyware Government Mobile Password Management 120

Bleeping Computer

MAY 30, 2023

A new Android malware distributed as an advertisement SDK has been discovered in multiple apps, many previously on Google Play and collectively downloaded over 400 million times. [.]

Spyware 137

Spyware Advertising Malware Mobile 137

Security Affairs

NOVEMBER 30, 2022

Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. While tracking the activities of commercial spyware vendors, Threat Analysis Group (TAG) spotted an exploitation framework likely linked Variston IT, a Spanish firm. ” TAG concludes.

Spyware 102

Spyware Surveillance Risk Internet 102

Security Affairs

NOVEMBER 11, 2022

The threat actors behind the campaigns used two Android spyware to spy on the victims and steal sensitive information. The campaigns involved a new piece of malware called BadBazaar and new variants of the MOONSHINE surveillance software discovered by Citizen Lab in 2019 and employed in attacks against Tibetan activists. .

Surveillance 93

Surveillance Spyware Malware Mobile 93

Security Affairs

JULY 9, 2023

million downloads have been discovered spying on users and sending data to China. Researchers from cybersecurity firm Pradeo discovered two malicious apps on Google Play hinding spyware and spying on up to 1.5 As an individual Do not download applications that do not have any reviews while thousands of users. million users.

Spyware 97

Spyware Mobile Media Hacking 97

eSecurity Planet

SEPTEMBER 14, 2021

Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal ). operating system was being exploited by the invasive Pegasus spyware.

Spyware 120

Spyware Mobile Engineering Government 120

Heimadal Security

JANUARY 14, 2022

Windows Defender is a Microsoft Windows anti-malware component. It was initially made available as a free anti-spyware download for Windows XP, and it was later included with Windows Vista and Windows 7. What Happened? Threat actors were […]. Threat actors were […].

Malware 121

Malware Spyware Antivirus Cybersecurity 121

Security Affairs

NOVEMBER 26, 2021

A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the Middle East. The APT C-23 cyberespionage group (also known as GnatSpy, FrozenCell, or VAMP) continues to target entities in the Middle East with enhanced Android spyware masqueraded as seemingly harmless app updates (i.e.

Spyware 96

Spyware Social Engineering Surveillance Engineering 96

Security Affairs

FEBRUARY 11, 2021

Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius.

Spyware 113

Spyware Surveillance Malware Mobile 113

CyberSecurity Insiders

DECEMBER 27, 2021

If you are in thinking that your PC or computing device is secure enough as it is loaded with an anti-malware solution, you better change your viewpoint. As some hackers have developed a malware that uses code signing certificates to avoid detection by security defenses and has the tendency to download payloads onto a compromised system.

Malware 124

Malware Adware Security Defenses Spyware 124

Security Affairs

MAY 1, 2023

Iranian authorities have been spotted using the BouldSpy Android malware to spy on minorities and traffickers. Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). continues the report.

Surveillance 81

Surveillance Malware Spyware Education 81

Security Affairs

NOVEMBER 2, 2022

Threat actors are using previously undocumented Android spyware, dubbed SandStrike, to spy on a Persian-speaking religion minority. In Q3 2022, Kaspersky researchers uncovered a previously undocumented Android spyware, dubbed SandStrike, employed in an espionage campaign targeting the Persian-speaking religion minority, Bahá?í.

Spyware 104

Spyware Malware VPN Accountability 104

Security Affairs

JUNE 2, 2022

An international law enforcement operation involving 11 countries resulted in the takedown of the FluBot Android malware. An international law enforcement operation involving 11 countries led to the takedown of the infamous FluBot Android malware. The victim downloads and opens the malicious app that installs FluBot.

Spyware 90

Spyware Malware Banking Cybercrime 90

Security Affairs

JULY 21, 2021

Check Point Research (CPR) experts have spotted a cheap malware, dubbed XLoader variant, which was upgraded to target both Windows and macOS PCs. XLoader is a very cheap malware strain that is based on the popular Formbook Windows malware. Thus, a “Malware-as-a-Service” scheme is used. ” continues the report.

Spyware 102

Spyware Malware Cybercrime Advertising 102

Security Affairs

FEBRUARY 24, 2021

The threat actors used by spyware to take over the target systems, spy on the victims, and exfiltrate data. ” The attack chain begins with spear-phishing messages that include a link to an alleged important document to download. The link points to files containing spyware that could infect both Mac OS or Windows systems.

Spyware 90

Spyware Surveillance Government Phishing 90

CyberSecurity Insiders

JANUARY 5, 2022

Hackers are found inducing Zloader Malware into Windows machines since November last year and reports are in that the malicious software tool has already targeted over 2,848 victims from 111 countries so far. Highly placed sources say that the malware has been distributed via phishing campaign by a cyber threat group named MalSmoke.

Malware 131

Malware Spyware Antivirus Cyber threats 131

SecureList

OCTOBER 5, 2022

We are often asked how targets are infected with malware. Last month, we focused on infection methods used in various malware campaigns: methods that we do not see used very often. It now has a second optional command line parameter: “-bomb” When that parameter is used, the malware does the following: ?onnect

Malware 119

Malware Architecture Spyware Ransomware 119

Security Affairs

JULY 19, 2022

Google blocked dozens of malicious apps from the official Play Store that were spreading Joker, Facestealer, and Coper malware families. Google has removed dozens of malicious apps from the official Play Store that were distributing Joker, Facestealer, and Coper malware families. ” reads the analysis published by Zscaler.

Malware 121

Malware Spyware Banking Mobile 121

Security Affairs

APRIL 11, 2021

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they have downloaded tainted apps from the company’s official Android store. aliyuncs.com/ Android.Joker.531

Malware 141

Malware Spyware Mobile Antivirus 141

Malwarebytes

JUNE 16, 2022

This news, first reported by Motherboard , is the latest in a lengthening list of spyware brands breached due to their poor cybersecurity hygiene. TheTruthSpy can be downloaded from the Google Play and Apple App stores. Unlike other malware, it is also publicly available. Not its first rodeo.

Spyware 96

Spyware Internet Internet Marketing 96

Malwarebytes

APRIL 11, 2022

A credential-stealing Windows-based malware, Spyware.FFDroider , is after social media credentials and cookies, according to researchers at ThreatLabz. The spyware is offered on download sites pretending to be installers for freeware and cracked versions of paid software. cn/eg/fr/de/in/it/co.jp/nl/pl/sa/sg/es/se/ae/co.uk/com/com.au/com.br/mx/tr

Media 134

Media Malware Spyware Accountability 134

Security Affairs

OCTOBER 11, 2021

A Togolese human rights advocate was hit by mobile spyware that has been allegedly developed by an Indian firm called Innefu Labs. Experts believe the attackers used a spyware developed by an Indian company called Innefu Labs. In the past, the Donot Team spyware was found in attacks outside of South Asia. Pierluigi Paganini.

Spyware 86

Spyware Surveillance Accountability Mobile 86

Security Affairs

AUGUST 21, 2022

The Donot Team threat actor, aka APT-C-35 , has added new capabilities to its Jaca Windows malware framework. In the past, the Donot Team spyware was found in attacks outside of South Asia. Once enabled the macros, a piece of shellcode is injected into memory, then it downloads and executes a second-stage shellcode from the C2 server.

Malware 96

Malware Spyware Phishing Government 96

The Hacker News

JULY 31, 2023

Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware called Ursnif (aka Gozi). "It The malware uses multiple mechanisms to evade

Banking 85

Banking Spyware Phishing Malware 85

Threatpost

JULY 18, 2022

Google removed eight Android apps, with 3M cumulative downloads, from its marketplace for being infected with a Joker spyware variant.

Spyware 91

Spyware Malware Mobile 91