SecureList

NOVEMBER 17, 2021

The Israeli Defense Forces (IDF) have claimed that threat actors have been using catfishing to lure Israeli soldiers into installing spyware. When we wrote this prediction, we were mainly thinking about a continuation of all the malicious activities targeting VPN appliances. But this prediction also came true another way.

Mobile 129

Mobile Surveillance Ransomware Government 129

SecureList

OCTOBER 26, 2021

On June 3, Check Point published a report about an ongoing surveillance operation targeting a Southeast Asian government, and attributed the malicious activities to a Chinese-speaking threat actor named SharpPanda. The samples we analyzed mimicked various applications such as private messaging, VPN, and media services. Final thoughts.

Malware 140

Malware Government Surveillance Spyware 140

SecureList

APRIL 27, 2021

During routine monitoring of detections for FinFisher spyware tools, we discovered traces that point to recent FinFly Web deployments. The attackers used vulnerabilities in an SSL-VPN product to deploy a multi-layered loader we dubbed Ecipekac (aka DESLoader, SigLoader and HEAVYHAND). Final thoughts.

Malware 139

Malware Spyware Government Social Engineering 139