Russian cyberspies target Android users with new spyware

December 13, 2024 at 12:49PM Russian cyberspies Gamaredon are using two Android spyware families, BoneSpy and PlainGnome, to target Russian-speaking individuals in former Soviet states. BoneSpy has been active since 2021, while PlainGnome emerged in 2024. Both malware types collect extensive data from mobile devices, highlighting Gamaredon’s evolved tactics in digital surveillance.

Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet States

December 12, 2024 at 09:51AM Gamaredon, a Russia-linked threat actor, has developed two Android spyware tools, BoneSpy and PlainGnome, targeting Russian-speaking victims in former Soviet states. These tools gather extensive data from infected devices. Their use marks the first instance of mobile-only malware in Gamaredon’s campaigns, which also include attempts against NATO countries.

Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017

December 11, 2024 at 07:30AM Cybersecurity researchers revealed the EagleMsgSpy surveillance program, allegedly used by Chinese police since 2017, to gather extensive data from mobile devices. Operating through an installer and a headless client, it captures messages, call logs, and location data, requiring physical access to activate. It targets law enforcement applications, indicating its serious …

FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine

December 6, 2024 at 11:24AM A Russian programmer’s Android device was secretly infected with spyware by the FSB after his detention for allegedly donating to Ukraine. The spyware, disguised as a legitimate app, enables extensive data collection. This incident highlights the risks associated with security services gaining custody of personal devices.

New Android spyware found on phone seized by Russian FSB

December 5, 2024 at 12:18PM Russian programmer Kirill Parubets was detained by the FSB and found spyware installed on his phone after it was returned. Citizen Lab confirmed the malware impersonates a popular app and offers extensive permissions. The spyware appears related to the Monokle variant, with enhanced features for surveillance and data extraction.

Pegasus Spyware Infections Proliferate Across iOS, Android Devices

December 4, 2024 at 03:09PM Researchers from iVerify revealed seven new Pegasus spyware infections affecting journalists and officials on iPhone and Android devices, spanning attacks from 2021 to 2023. This underscores the underestimated prevalence of mobile spyware, as traditional security measures frequently fail to detect such threats. Regular device updates and user education are vital …

8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play

December 2, 2024 at 05:45AM A report from McAfee Labs identifies over a dozen malicious Android apps on the Google Play Store, collectively downloaded over 8 million times, which contain SpyLoan malware. These apps deceive users into sharing sensitive information under the guise of providing quick loans, leading to financial exploitation and privacy violations.

Google’s New Restore Credentials Tool Simplifies App Login After Android Migration

November 25, 2024 at 10:00AM Google has launched a new feature, Restore Credentials, as part of Android’s Credential Manager API to simplify account access restoration for third-party apps when users switch devices. This automatic, background process allows users to log in seamlessly using encrypted restore keys, enhancing security and user experience during transitions.

China’s ‘Liminal Panda’ APT Attacks Telcos, Steals Phone Data

November 20, 2024 at 03:38PM A new threat actor, Liminal Panda, has been spying on mobile phones in Asia and Africa for over four years, targeting telecommunications networks to gather sensitive data for potential use by the Chinese state. The group’s tactics involve network-based attacks and exploiting telecommunications infrastructure for economic and political espionage.

iOS 18 added secret and smart security feature that reboots iThings after three days

November 19, 2024 at 03:38AM Apple’s iOS 18 introduces a security feature that reboots devices after 72 hours of inactivity, enhancing data protection by keeping files encrypted in Before First Unlock (BFU) mode. This reduces access risks for stolen devices, impacting both criminals and forensic analysts, while emphasizing the urgency for law enforcement data extraction.