Malwarebytes

FEBRUARY 3, 2025

WhatsApp has accused the professional spyware company Paragon of spying on a select group of users. WhatsApp, the Meta-owned, end-to-end encrypted messaging platform, said it has reliable information that nearly 100 journalists and other members of civil society were targets of a spyware campaign conducted by the Israeli spyware company.

Spyware 119

Spyware Accountability Encryption Government 119

The Hacker News

JANUARY 31, 2025

Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members. The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024.

Spyware 143

Spyware Encryption 143

Security Affairs

AUGUST 7, 2024

A previously unknown Android Spyware, dubbed LianSpy, has been targeting Russian users since at least 2021. In March 2024, cybersecurity researchers from Kaspersky discovered previously unknown Android spyware dubbed LianSpy. This AES key is then encrypted using a hardcoded public RSA key embedded in the spyware.

Spyware 143

Spyware Malware Encryption Data collection 143

Schneier on Security

JUNE 23, 2021

Its spyware is also said to be equipped with a keylogger, which means every keystroke made on an infected device — including passwords, search queries and messages sent via encrypted messaging apps — can be tracked and monitored.

Manufacturing 290

Manufacturing Spyware Surveillance Marketing 290

Bleeping Computer

NOVEMBER 13, 2021

The GravityRAT remote access trojan is being distributed in the wild again, this time under the guise of an end-to-end encrypted chat application called SoSafe Chat. [.].

Encryption 131

Encryption Spyware 131

Malwarebytes

MARCH 5, 2024

A California federal judge has ordered spyware maker NSO Group to hand over the code for Pegasus and other spyware products that were used to spy on WhatsApp users. During this time, NSO Group gained access to the users’ sensitive data, including encrypted messages. Things have developed since then.

Spyware 143

Spyware Government Mobile Encryption 143

Security Affairs

SEPTEMBER 14, 2023

The iPhone of a prominent Russian journalist, who is at odds with Moscow, was infected with NSO Group’s Pegasus spyware. The iPhone of the Russian journalist Galina Timchenko was compromised with NSO Group’s Pegasus spyware. The threat actors used a zero-click exploit, likely the PWNYOURHOME. ” reported Citizen Lab.

Spyware 133

Spyware Surveillance Media Government 133

Security Affairs

NOVEMBER 8, 2021

A Hungarian government official confirmed that his government has bought and used the controversial NSO Group’s Pegasus spyware. In July, a large-scale investigation, dubbed Pegasus Project , into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pierluigi Paganini.

Spyware 120

Spyware Surveillance Media Government 120

Security Affairs

MARCH 27, 2021

Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System Update application. ” concludes the report.

Spyware 120

Spyware Malware Surveillance Mobile 120

SecureList

JUNE 21, 2023

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest of the chain and obtaining the final spyware payload.

Spyware 145

Spyware Encryption Passwords Backups 145

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 128

Spyware Malware Mobile Marketing 128

Security Affairs

APRIL 16, 2024

Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign targeting South Asia with an Apple iOS spyware called LightSpy. ” reads the report published by BlackBerry.

Spyware 134

Spyware Mobile Malware Encryption 134

Security Affairs

DECEMBER 8, 2024

officials urge Americans to use encrypted apps amid unprecedented cyberattack The Great Pokmon Go Spy Panic Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,newsletter) warn of PRC-linked cyber espionage targeting telecom networks U.S.

Artificial Intelligence 104

Artificial Intelligence Spyware Hacking Ransomware 104

Schneier on Security

JANUARY 24, 2020

That file shows an image of the Saudi Arabian flag and Swedish flags and arrived with an encrypted downloader. Because the downloader was encrypted this delayed or further prevented "study of the code delivered along with the video.". But the report doesn't indicate if that did get done.

Hacking 269

Hacking Backups Spyware Encryption 269

Security Affairs

AUGUST 15, 2020

The malware also implements ransomware behavior, it is able to encrypt files and display a ransom note. The post XCSSET Mac spyware spreads via Xcode Projects appeared first on Security Affairs. The malware also allows attackers to capture screenshots and exfiltrate stolen documents to the attackers’ server. Pierluigi Paganini.

Spyware 144

Spyware Malware Advertising Cryptocurrency 144

Security Affairs

OCTOBER 29, 2021

The Hive ransomware operators have developed a new variant of their malware that can encrypt Linux and FreeBSD. ESET researchers discovered a new Hive ransomware variant that was specifically developed to encrypt Linux and FreeBSD. The Hive ransomware adds the.hive extension to the filename of encrypted files. .

Encryption 138

Encryption Ransomware Spyware Malware 138

Security Affairs

JUNE 15, 2020

The Earth Empusa threat group is distributing new Android spyware, dubbed ActionSpy, through watering hole attacks to targets Turkic minority group. ActionSpy, which may have been around since 2017, is an Android spyware that allows the attacker to collect information from the compromised devices,” reads the report published by Trend Micro.

Spyware 107

Spyware Advertising Encryption Phishing 107

Security Affairs

SEPTEMBER 8, 2019

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” ” states the analysis. The C&C URL 6.

Spyware 111

Spyware Advertising Malware Cryptocurrency 111

Heimadal Security

NOVEMBER 15, 2021

GravityRAT, a Remote Access Trojan, is being spread in the wild once more, this time disguised as SoSafe Chat, an end-to-end encrypted chat application. GravityRAT is a spyware-type of malware that enables threat actors to steal data from compromised machines. The trojan has […].

Encryption 98

Encryption Spyware Malware Cybersecurity 98

Security Affairs

NOVEMBER 24, 2021

federal court for illegally targeting its customers with the surveillance spyware Pegasus. The complaint provides new information on how NSO Group infected victims’ devices with its Pegasus spyware. Apple has sued NSO Group and its parent company Q Cyber Technologies in a U.S. ” reads the announcement published by Apple.

Spyware 100

Spyware Surveillance Software Hacking 100

Dark Reading

SEPTEMBER 8, 2023

Legitimate-seeming Telegram "mods" available in the official Google Play store for the encrypted messaging app signal the rise of a new enterprise threat.

Spyware 128

Spyware Mobile Encryption 128

Malwarebytes

FEBRUARY 16, 2022

The European Data Protection Supervisor (EDPS) has urged the EU to ban the development and deployment of spyware with the capabilities of Pegasus to protect fundamental rights and freedoms. For an in-depth look at Pegasus, have a listen to our podcast about the world’s most coveted spyware, Pegasus: Lock and Code S03E04.

Spyware 98

Spyware Surveillance Hacking Government 98

Security Affairs

APRIL 13, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Lazarus Expands Malicious npm Campaign: 11 New Packages Add Malware Loaders and Bitbucket Payloads BadBazaar: iOS and Android Surveillanceware by Chinas APT15 Used to Target Tibetans and Uyghurs GOFFEE continues to attack (..)

Malware 75

Malware Spyware Government Mobile 75

Security Affairs

JULY 18, 2019

The researchers attribute the spyware to the Russia-linked and Gamaredon Group. die3” to encrypt or decrypt data to and from the C&C. The post Experts spotted a rare Linux Desktop spyware dubbed EvilGnome appeared first on Security Affairs. ” reads the analysis published by Intezer. Pierluigi Paganini.

Spyware 109

Spyware Malware Advertising Cyber Attacks 109

Security Affairs

MARCH 11, 2019

In July, the experts discovered a new sophisticated version of the AZORult Spyware that was involved in a large email campaign on July 18. ” One of the variants analyzed by BleepingComputer encrypts data and appends the.promorad extension to encrypted files, then it creates ransom notes named _readme.txt as shown below.

Encryption 109

Encryption Ransomware Cryptocurrency Passwords 109

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency 112

Cryptocurrency Malware Hacking Ransomware 112

Security Affairs

SEPTEMBER 27, 2020

Experts from Amnesty International uncovered a surveillance campaign that targeted Egyptian civil society organizations with a new version of FinSpy spyware. The binaries are obfuscated and do some checks to detect if the spyware is running in a Virtual Machine. ” reads the Amnesty’s report.

Spyware 145

Spyware Surveillance Advertising Mobile 145

SecureList

FEBRUARY 5, 2025

It encrypts data with AES-256 in CBC mode before sending and decrypts server responses with AES-128 in CBC mode. The process of sending data to “rust” consists of three stages: Data is encrypted with AES-256 in CBC mode using the same key as in the case of the “http” server.

Malware 144

Malware Encryption Mobile Cryptocurrency 144

Security Affairs

OCTOBER 24, 2019

The Sweden government is going to authorize the use of spyware on suspects’ devices to spy on their communications and track them. “ The police are given the opportunity to read encrypted communications. From March next year, it will be legal to intercept encrypted calls in mobiles, computers and video calls.”

Spyware 75

Spyware Government Surveillance Encryption 75

Security Affairs

APRIL 16, 2019

Scranos is a powerful cross-platform rootkit-enabled spyware discovered while investigating malware posing as legitimate software like video players, drivers and even anti-virus products. Browsing History Stealer Payload — This payload collects Chrome’s browsing history and sends it to the C&C in an encrypted form.

Spyware 104

Spyware Adware Malware Accountability 104

Malwarebytes

APRIL 11, 2024

Mercenary spyware is used by governments to target people like journalists, political activists, and similar targets, and involves the use of sophisticated tools like Pegasus. Pegasus is one of the world’s most advanced and invasive spyware tools, known to utilize zero-day vulnerabilities against mobile devices.

Spyware 133

Spyware Government Mobile Password Management 133

Security Affairs

SEPTEMBER 4, 2018

The company that sells the parental control spyware app Family Orbit has been hacked, pictures of hundreds of monitored children were left online. The company that sells the parental control spyware app Family Orbit has been hacked, the pictures of hundreds of monitored children were left online only protected by a password.

Spyware 76

Spyware Hacking Data breaches Passwords 76

Security Affairs

NOVEMBER 24, 2024

Fake AI video generators infect Windows, macOS with infostealers How Italy became an unexpected spyware hub Babble Babble Babble Babble Babble Babble BabbleLoader One Sock Fits All: The use and abuse of the NSOCKS botnet Helldown Ransomware: an overview of this emerging threat Python NodeStealer Targets Facebook Ads Manager with New Techniques Chaotic-Based (..)

Malware 64

Malware Spyware Antivirus VPN 64

WIRED Threat Level

FEBRUARY 22, 2025

Plus: Apple turns off end-to-end encrypted iCloud backups in the UK after pressure to install a backdoor, and two spyware apps expose victim dataand the identities of people who installed the apps.

Spyware 102

Spyware Backups Encryption Hacking 102

Security Affairs

FEBRUARY 9, 2025

Texas is the first state to ban DeepSeek on government devices Law enforcement seized the domains of HeartSender cybercrime marketplaces WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware Ransomware attack hit Indian multinational Tata Technologies International Press Newsletter Cybercrime FBI, Dutch Police Disrupt Manipulaters (..)

Spyware 62

Spyware Cybercrime Scams Social Engineering 62

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware 71

Spyware Data breaches DNS Artificial Intelligence 71

Security Boulevard

FEBRUARY 11, 2021

Hornbill and SunBird have sophisticated capabilities to exfiltrate SMS message content, encrypted messaging app content, geolocation, contact information, call logs, as well. The post Lookout Threat Researchers Discover State-Sponsored Android Spyware Connected to Confucius APT appeared first on Security Boulevard.

Spyware 69

Spyware Encryption 69