article thumbnail

Spyware Vendor Hacked

Schneier on Security

A Brazilian spyware app vendor was hacked by activists: In an undated note seen by TechCrunch, the unnamed hackers described how they found and exploited several security vulnerabilities that allowed them to compromise WebDetetive’s servers and access its user databases. gigabytes of data scraped from the spyware’s web dashboard.

Spyware 250
article thumbnail

Qatar Spyware

Schneier on Security

Everyone visiting Qatar for the World Cup needs to install spyware on their phone. Everyone travelling to Qatar during the football World Cup will be asked to download two apps called Ehteraz and Hayya.

Spyware 314
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Paragon Solutions Spyware: Graphite

Schneier on Security

Paragon Solutions is yet another Israeli spyware company. Their product is called “Graphite,” and is a lot like NSO Group’s Pegasus. And Paragon is working with what seems to be US approval: American approval, even if indirect, has been at the heart of Paragon’s strategy.

Spyware 224
article thumbnail

US Citizen Hacked by Spyware

Schneier on Security

The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. The simultaneous tapping of the target’s phone by the national intelligence service and the way she was hacked indicate that the spy service and whoever implanted the spyware, known as Predator, were working hand in hand.

Spyware 192
article thumbnail

Microsoft, Apple versus China, spyware actors

Tech Republic Security

It’s a cat-and-mouse struggle as tech giants Microsoft and Apple deal with persistent threats from China state actors and Pegasus spyware.

Spyware 189
article thumbnail

Another Event-Related Spyware App

Schneier on Security

Last month, we were warned not to install Qatar’s World Cup app because it was spyware. This month, it’s Egypt’s COP27 Summit app : The app is being promoted as a tool to help attendees navigate the event. But it risks giving the Egyptian government permission to read users’ emails and messages.

Spyware 270
article thumbnail

Pegasus spyware and how it exploited a WebP vulnerability

Malwarebytes

Recent events have demonstrated very clearly just how persistent and wide-spread the Pegasus spyware is. The exploit chain based on these vulnerabilities was capable of compromising devices without any interaction from the victim and were reportedly used by the NSO Group to deliver its infamous Pegasus spyware.

Spyware 120