Chinese Cops Caught Using Android Spyware to Track Mobile Devices

December 12, 2024 at 04:35PM

EagleMsgSpy, a surveillance tool developed by a Chinese company for law enforcement, has been scraping sensitive data from Android devices since 2017. It requires physical access to install and is not available in app stores. Researchers indicate potential iOS versions exist, and the spyware is continuously developed to avoid detection.

New Android spyware found on phone seized by Russian FSB

December 5, 2024 at 12:18PM

Russian programmer Kirill Parubets was detained by the FSB and found spyware installed on his phone after it was returned. Citizen Lab confirmed the malware impersonates a popular app and offers extensive permissions. The spyware appears related to the Monokle variant, with enhanced features for surveillance and data extraction.

Thai Court Dismisses Activist’s Suit Against Israeli Spyware Producer Over Lack of Evidence

November 21, 2024 at 09:49PM

A Thai court dismissed a lawsuit from activist Jatupat Boonpattararaksa, who claimed his phone was hacked by NSO Group’s Pegasus spyware. The court found insufficient evidence of infection. Activists allege government involvement in the spyware’s use, which has targeted numerous individuals amid protests demanding governmental reforms.

New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics

October 31, 2024 at 11:21AM

Researchers have identified an advanced iOS spyware, LightSpy, which enhances its capabilities and includes destructive functions that can render infected devices unbootable. First discovered in 2020, it captures sensitive data and utilizes various plugins. Suspected to be operated by Chinese attackers, it exploits known security vulnerabilities in Apple’s systems.

Predator Spyware Resurfaces With Fresh Infrastructure

September 9, 2024 at 06:28AM

The Predator spyware, previously affected by US sanctions against Intellexa Consortium, has reemerged with new infrastructure, according to Recorded Future. This malware, utilized mainly by government entities, can infiltrate and gather data from devices discreetly. The recent report shows updated evasion techniques and increased usage across multiple countries. From …

Oh, great. Attacks developed by spyware vendors are being re-used by Russia’s Cozy Bear cretins

August 29, 2024 at 04:10PM

Google’s Threat Analysis Group detected similarities between attack tactics used by the Russia-linked APT29 group and those of commercial spyware vendors. The APT29 group, known for past cyber intrusions, utilized malware targeting vulnerabilities in mobile operating systems similar to those used by spyware vendors NSO Group and Intellexa. This underscores the danger posed …

Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware

July 19, 2024 at 06:33AM

A pro-Houthi threat group known as OilAlpha targeted humanitarian organizations in Yemen with Android spyware, posing as entities like CARE International and the Norwegian Refugee Council. Recorded Future’s Insikt Group noted that the group seeks to gather sensitive data and carry out espionage, possibly to control aid delivery. This follows …

I spy another mSpy breach: Millions more stalkerware buyers exposed

July 14, 2024 at 10:10PM

Commercial spyware maker mSpy has been breached, exposing millions of customers’ data including email addresses, IP addresses, and photos. The company, previously breached in 2015 and 2018, is involved in stalkerware applications. Additionally, critical vulnerabilities, plaintext data transmission by Linksys routers, and the targeting of Latin American airlines by Akira …

Houthi rebels are operating their own GuardZoo spyware

July 9, 2024 at 07:07AM

Surveillance malware like NSO Group’s Pegasus often gets the attention, but less sophisticated tools like GuardZoo, used by Houthi rebels in Yemen, are still prevalent. Distributed through social engineering, it targets military members in Yemen and other countries. Despite being less advanced than Pegasus, its widespread use presents a significant …

CapraRAT Spyware Disguised as Popular Apps Threatens Android Users

July 1, 2024 at 09:06AM

Transparent Tribe, a threat actor, has been targeting individuals with malware-laced Android apps as part of a social engineering campaign. Their latest campaign, dubbed CapraTube, expanded to target mobile gamers, weapons enthusiasts, and TikTok fans. The group has a history of targeting the Indian government and military, using spear-phishing and …